Quantcast
Channel: XyliBox
Browsing all 128 articles
Browse latest View live
↧

Image may be NSFW.
Clik here to view.

AVScanner Source

Found yesterday:Package is simpleYou just need a scan4you APISelect a file:Result:We will probably see some new private av checkers soon...

View Article


Image may be NSFW.
Clik here to view.

DeadLine's Survey Builder (Adslocker)

Another 'adslock' this time in .NET (so yeah, that come from HF)Webcheck:It open a webpage to a text file and look on the txt your hwid, on the list ? allowed.Builder:Locker:Designed to fail.Open...

View Article


Image may be NSFW.
Clik here to view.

Raspberry Pi

In August i've ordered a Raspberry Pi, i just received it (not a joke, it took 5 months)I just need to get back my HDMI cable now...Will use it to brute force malicious servers :)

View Article

Image may be NSFW.
Clik here to view.

Web Crab formgrabber

And to finish my hackforum tour for the day...Advert:9Kb with UPX:Looking for process:Open process:WriteProcess:And CreateRemoteThread. (the first time i run the malware made Firefox crashed, second...

View Article

Image may be NSFW.
Clik here to view.

Talking to a FakeAV black processing service

Finding a payement processor for black is complicated and private kind of business because they are connected with banks and real life, in 2011 most of FakeAV program was in difficulty due to the...

View Article


Image may be NSFW.
Clik here to view.

It's the end of Citadel ?

Not the end of world like Mayan calendar predict but the end of Citadel.Since November, Aquabox have misteriously vanished of forums and jabber.He even got banned on a underground forumLast CRM...

View Article

Image may be NSFW.
Clik here to view.

Moneycloud PPI Affiliate (Simda.A)

New PPI affiliate appearedI know it since the begining i was just bored to have a look.. Via mails etc....Advert:Statistic screenshot of a guys inside:ICQ:It's the end of 2012 so.. wanna laugh a bit...

View Article

Image may be NSFW.
Clik here to view.

Phish-BankFraud/PHP.Mailer/PHP.Shell

Investigation on some compromised servers used for phishings during these two weeks. (part 2 of Phishing Hunting, a bit more technical now)The first site is gtmaustralia.com.au, phishing...

View Article


Image may be NSFW.
Clik here to view.

Black processing service for malware only

Adv:Shortened a bit:good Internet day =)I'm looking for a partner with working spyware or an owner of affiliate programI have a working merchant for plastic cards, for high risk. (not for carding)Some...

View Article


Image may be NSFW.
Clik here to view.

Andromeda bot

Come from a Keitaro TDS: http://urlquery.net/report.php?id=756624 Lead on: ald-facebook.co.uk/operations/outer_band_remote.phpPayload: http://vxvault.siri-urz.net/ViriFiche.php?ID=22729Andromeda 2.6,...

View Article

Image may be NSFW.
Clik here to view.

How to hex a malware and make a builder

Hello, a tutorial made some weeks ago on Trojanforge, got the idea to write after seeing this:And also because malware builders seems to be fashion these days.When malware writers give only bins and no...

View Article

Image may be NSFW.
Clik here to view.

IceIX/Zeus Red/Zeus

Some C&C of Zeus found in the wild.Let's start with IceIX: • dns: 1 ›› ip: 78.131.222.67 - adresse: POWIAT-LANCUT.COM.PLLogin:Summary statistics:OS:Bots:Scripts:Search in database:Search in...

View Article

Image may be NSFW.
Clik here to view.

Trojan:Win32/Reveton

[root@heretyghyuiiiojk www]#What a cool hostname.Just the basic, landing for Italian ransom.And traces of german landingCode comments and variables name are in englishBy looking the code source of...

View Article


Image may be NSFW.
Clik here to view.

vSkimmer, Another POS malware

When i've view this post, content was already removed and member Banned.vSkimmer - Virtual SkimmerFunctions:- Track 2 grabber- HTTP Loader (Download & Execute)- Update bot itselfWorking Modes:-...

View Article

Image may be NSFW.
Clik here to view.

TowPow BulletProof Affiliate

TOWPOW is a sub-affiliate of Zed-Cash who recently rebranded. Adv:Login page:News:Stats:Stats by sites:By domains:Charts:Websites landings:Profile:Change password:Change profile:Affiliate...

View Article


Image may be NSFW.
Clik here to view.

Trojan.Win32/Spy.Ranbyus

 Received a mail with an interesting exehttps://www.virustotal.com/file/17a3ee51492b9b2ba155f54be61f2c305b090cee8d604d1df616ca3ba881b372/analysis/1359049655/Thanks creep.This bot is used by one group...

View Article

Image may be NSFW.
Clik here to view.

Phish-BankFraud (EDF+CAF)

These time our guys target CAF and still EDF.Phishing redirector:http://www.phishtank.com/phish_detail.php?phish_id=1711740 > 0/33CAF phishing:...

View Article


Image may be NSFW.
Clik here to view.

Disk Antivirus Professional

According to S!Ri:Disk Antivirus Professional is a fake anti-spyware tool. It displays fake alert messages, prevent execution of legit programs and detects inexistent infections to scare users.It is a...

View Article

Image may be NSFW.
Clik here to view.

64.85.233.8

bl4kj.zapto.org - astound-64-85-233-8.ca.astound.net -...

View Article

Image may be NSFW.
Clik here to view.

Petroleum POS malware ?

Recently aaSSfxxx posted an interesting file on kernelmodea POS malware loaded via Andromeda according to him.I've asked him to write something so i will not explain you the life about how this malware...

View Article
Browsing all 128 articles
Browse latest View live