Cyber security research. Reverse engineering - Hacker hunter - Malware research.
Monday, 26 February 2018
One engine detected this file! Hmmmm
It's easy to become a miner... just that you will not be paid.
By the way... it was posted in some forum like this:
"**** Silence Miner - Make a lot of money"
Wednesday, 1 November 2017
Silent miner backdoored – Malware reverse
Today I found a new backdoored hacking tool to play with.
A new Silent Miner, made to infect some "hackers" with a remote access tool.
The exe is bound together with some files so that it can work underground.
taskhost.exe
  original filename: canhost.exe
  "HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SECURITY"; Key: "DISABLESECURITYSETTINGSCHECK"
  netsh firewall add allowedprogram "%APPDATA%\taskhost.exe
  http://120988.myq-see.com
  178.137.146.32 – Ukraine
  41.226.243.30:1337
Temp1.exe
  C:\Users\mourad\Documents\Visual Studio 2012\Projects\canhost\canhost\obj\Debug\canhost.pdb
  "HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SECURITY"; Key: "DISABLESECURITYSETTINGSCHECK"
  netsh firewall add allowedprogram "%APPDATA%\taskhost.exe
  http://120988.myq-see.com
  178.137.146.32 – Ukraine
  41.226.243.30:1337
Temp2.exe
  original filename: BcnSilentminerBytcoin.exe
  stratum+tcp://mine.p2pool.com:9327
  http://www.bitcoin-adder.com
  \visual studio 2012\Projects\Bcn Silent miner Bytcoin\Bcn Silent miner Bytcoin\obj\Debug\Bcn Silent miner Bytcoin.pdb
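As an added example (not code from the post or from the tool's author), a small Python check over constructed Sysmon-style events that flags the three behaviours listed above for taskhost.exe: a copy of taskhost.exe running outside the Windows system directory, a netsh firewall exception for a program in a user-writable path, and the DisableSecuritySettingsCheck value being set under Internet Explorer\Security. The event format, field names and sample paths are assumptions made for this example.

```python
import re

# Constructed sample events in a simple "key=value|key=value" form (assumed format,
# not real log output); the paths and values mirror the indicators listed above.
SAMPLE_EVENTS = [
    "type=ProcessCreate|image=C:\\Windows\\System32\\taskhost.exe|cmdline=taskhost.exe",
    "type=ProcessCreate|image=C:\\Users\\bob\\AppData\\Roaming\\taskhost.exe|cmdline=taskhost.exe",
    'type=ProcessCreate|image=C:\\Windows\\System32\\netsh.exe|cmdline=netsh firewall add allowedprogram "C:\\Users\\bob\\AppData\\Roaming\\taskhost.exe" taskhost ENABLE',
    "type=RegistrySet|target=HKU\\S-1-5-21-1\\SOFTWARE\\Microsoft\\Internet Explorer\\Security\\DisableSecuritySettingsCheck|details=DWORD (0x00000001)",
    "type=RegistrySet|target=HKU\\S-1-5-21-1\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\OneDrive|details=C:\\Program Files\\OneDrive.exe",
]

# Where the real Windows taskhost.exe lives, and locations any user can write to.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
USER_WRITABLE = ("\\appdata\\roaming\\", "\\appdata\\local\\", "\\temp\\", "\\users\\public\\")


def parse_event(line):
    """Split one 'k=v|k=v' line into a dict (assumed event format)."""
    return dict(field.split("=", 1) for field in line.split("|"))


def classify(event):
    """Return the list of finding labels for one event; empty means nothing suspicious."""
    findings = []
    kind = event.get("type")
    if kind == "ProcessCreate":
        image = event.get("image", "").lower()
        cmd = event.get("cmdline", "").lower()
        # A taskhost.exe that is not under System32/SysWOW64 is masquerading.
        if image.endswith("\\taskhost.exe") and not image.startswith(SYSTEM_DIRS):
            findings.append("taskhost.exe outside system dir")
        # Firewall exception whose quoted program path is in a user-writable location.
        if "netsh" in image and "add allowedprogram" in cmd:
            match = re.search(r'"([^"]+)"', cmd)
            if match and any(d in match.group(1) for d in USER_WRITABLE):
                findings.append("firewall exception for user-writable path")
    elif kind == "RegistrySet":
        target = event.get("target", "").lower()
        # The value the sample sets to silence Internet Explorer's security warnings.
        if target.endswith("\\internet explorer\\security\\disablesecuritysettingscheck"):
            findings.append("IE security settings check disabled")
    return findings


def scan(lines):
    """Run classify over every line; returns (line index, finding) pairs."""
    return [(i, f) for i, line in enumerate(lines) for f in classify(parse_event(line))]


if __name__ == "__main__":
    for index, finding in scan(SAMPLE_EVENTS):
        print(f"event {index}: {finding}")
```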
The antivirus software... hmmmm... 31/68 ?!?
Payload Security Team was there too.
And reported it in the forum where I found it!
Have fun & Stay safe!!!
Prodefence Team
Tuesday, 24 October 2017
Silent minergate miner reverse – Backdoored
I found some "free" software on the internet backdoored with that Silent Minergate, so this time I downloaded the Minergate to play with.
What did I find?
Surprise, surprise... I have a backdoored one!!!
svchost.exe – 66.176.134.167:2404
So... why does this Minergate try to steal from me and control my computer?!?
cykaa.duckdns.org / NS1.DUCKDNS.ORG
getcams
startcam
OpenCamera
Firefox StoredLogins
\key3.db
\logins.
[Firefox StoredLogins
[Firefox Cookie
& stored logins!]
pwgrab
autopswd
Downloading file: ... and more.
Have fun & Stay safe!!!