

Request for Dutch banking trojans


Hi guys,

I'm currently doing some work for a bank in The Netherlands, for which we want to do some investigation concerning trojans that influence financial traffic over the internet or steal money or data or such.

We're currently setting up some virtual machines and creating a separate internet line for these things, but in order to set everything up right I need some trojans that are actively retrieving user information, such as usernames, passwords, accounts and other personal or financial information.

Looking for sample rootkit abnow redirect


Looking for sample rootkit.

Google redirection

Looking for Nimbda


I've been looking for Nimbda and I cannot find it here or anywhere else. Is it known as something else or super rare or something? I'd appreciate it if someone could upload a sample for me :)

New Duqu variant (mcd9x86.sys)



Symantec said it came from Iran.
Anyone have this new driver or its idb at least?

thanks ;)

Stuxnet Sample


I am looking for a Stuxnet sample for teaching purposes. Any links? I have the host VM ready to be infected with the right patches and the Siemens software.

Malware behavioral profiles


Hi there,

I am a PhD student from NTU Singapore, working on malware run-time behavior modeling. I want to evaluate the scalability of my approach. For that I need a large amount of behavior profiles analyzed using any publicly available sandboxes like CWSandbox or Anubis. So far I have found around 33K profiles analyzed using CWSandbox from Malheur. But I need some more; I hope to evaluate it on 100K behavioral profiles. Does anyone know where I can get them, or whether they are publicly available?

Thank you.

Symantec antivirus 2006 source code leaked by anonymous movement

Recently, anonymous hackers released Symantec 2006 antivirus source code for all platforms.
As Symantec released their quick analysis, it appears that the source code leaked from Indian military research and South Asian shipping organizations.
The paper is available here:
Also, the source code is available @ piratebay:

malware exploiting vulnerability


How do we find out (during analysis) that this particular malware is exploiting this particular vulnerability?
Any links and indications highly appreciated.
Thanks in advance.



I'm looking for a sample of the rogue known as navashield. I would prefer to have it in a .zip file for security reasons, but any other method would be just fine. I'm pretty sure someone has posted a download link on the forum at some point or other.

BHO Reversing


For a long time now (BHO has been supported since IE 4.0), malware writers have exploited BHO functionality to bully IE users.
Mostly, an evil BHO has two functions (for sure if we talk about bankers):

- monitoring/logging requests sent by the browser
  POST dump - password stealing
- dynamic modification of HTML page code
  HTML code injection - used e.g. for adding additional form fields intended to obtain a larger amount of TAN codes or generally some


Read entire post here: BHO Reversing
