System Tool 2010


Anyone have a sample for System Tool 2010? Need this for 2nd training class I am running in a few weeks. Thanks!!

System Tool Removal Trick


I know this may be a funny thing to make a post about.
You can bypass the rogue System Tool from blocking files from running by renaming any exe file to iExplore.exe.

Looking for Advanced Security Tool 2010 Sample


Anyone know if this is available? Have a training class next week for my co-workers and this is the sample I want to inject into the training VM. Thanks!!

Looking for Security Shield + Sample


Can someone please send me a sample of the rogue Security Shield + to my email please

Sample required for Licat



Does anybody have samples of Licat, which is a successor of Zeus and uses a DRG algorithm? Once executed, these connect to the 194.1.220/23 subnet.



Study a botnet



I would like to study a botnet for a degree I would like to acquire. There are of course a lot of samples I can download and analyse in a lab or I could collect one on the Internet using a honeypot but how do I know if the malware I collect is recent? Is there a website where I can find a list of actual malware in the wild?

Thanks a lot for your help.




I'm looking for some malware that might use some form of DKOM to hide itself. Anyone aware of some samples? Thanks

Detecting Malicious PDF Files


For the past few days I have been completely immersing myself in PDF research in hopes of finding better ways to detect malicious PDF files. I have collected a pretty good random sample set (15K) of PDF data and have a bunch of malicious files with the same statistics. I have written some basic tools to aid in my research and it would be nice to get some input on the results I have found so far.

The outline of the project can be found here:

The blog with all the research, data and tools that have been released can be found here:

Ares - possible ZeuS successor


Can anybody provide an Ares sample?


looking for botnets...


Hi all,
I am looking for some malware which makes machines part of botnets but that communicates with its C&C servers using ICMP, DNS or other "abused" protocols.
For example, Backdoor.Fonamebot is one which receives commands from its C&C via DNS query packets.

Thanks a lot to all of you
All the best
