[Question] Are you interested in RAT/Keylogger stubs upload ?

[Aura]

Hey guys, Aura here.

Everyday, I come across different samples of RATs and Keyloggers (stubs). Most of them are crypted with different crypters and coming from different RATs and Keyloggers, therefore, varied samples. Would you be interested/am I allowed to upload these samples for you to play with if you want ? One fun thing with these stubs is that you can use them to backtrace the spreader and try to shutdown his C&C server, if you have people able to do that here.

Just wondering if you guys would be interested in that.

Thank you.

 

[MalwareHunter]

Hello Aura,

I'm still a new member here, but I'm sure that you can share the samples in the Virus Exchange section.

 

[Deleted member 178]

I'm still a new member here, but I'm sure that you can share the samples in the Virus Exchange section.

indeed he can upload them there.

 

[Aura]

Alright then, I'll start uploading them as soon as I get across samples.
Are you interested in backtracing the stubs to their spreaders too and try to take down the C&C server or not ? Just wondering.

 

[MalwareHunter]

Alright then, I'll start uploading them as soon as I get across samples.
Are you interested in backtracing the stubs to their spreaders too and try to take down the C&C server or not ? Just wondering.

I'm waiting for you samples.

If anyone, here in MalwareTips can take down c&c servers, I will try to extract informations from the samples (hosts, IPs, ports and emails with passes from stealers if needed) when I have time for it.

 

[Aura]

I'm waiting for you samples.

If anyone, here in MalwareTips can take down c&c servers, I will try to extract informations from the samples (hosts, IPs, ports and emails with passes from stealers if needed) when I have time for it.

This is a fun thing to do yes. I have a friend that does that all day long for fun. I assisted him once and we managed to shutdown a C&C server with over 500 slaves on it.
Good times.

 

[Deleted member 21043]

YES! We are very interested in it. You can upload them over at Malware Hub (Virus Exchange).

Thanks!

 

[Aura]

Any favorite upload websites you want me to upload the samples to ?

 

[Malware1]

Any favorite upload websites you want me to upload the samples to ?

http://kuai.xunlei.com/

 

[Aura]

http://kuai.xunlei.com/

How do you want me to upload to this website without reading Chinese, haha.

 

[Deleted member 21043]

How do you want me to upload to this website without reading Chinese, haha.

I can't use those chinese websites. I don't know Chinese, and I simply refuse to learn it. I get my time pulled off my hands enough than dedicating so much effort to learning it, after having to learn French AND German every year at school for the past 3 years, and before secondary Spanish. I simply will not learn another, especially in my own time... Lol.

 

[MalwareHunter]

Any favorite upload websites you want me to upload the samples to ?

Use rghost.net if possible or anything other host from where we can download the files easily.

 

[Aura]

Use rghost.net if possible or anything other host from where we can download the files easily.

Because I would use Mega.co.nz or ge.tt.

 

[Malware1]

How do you want me to upload to this website without reading Chinese, haha.

You don't need to read Chinese.

 

[MalwareHunter]

Because I would use Mega.co.nz or ge.tt.

If you ask me, ge.tt better than Mega. Just upload your sample(s) in a password protected archive.

 

[Aura]

You don't need to read Chinese.

I still don't understand how to use that website or where to click cause it's all in Chinese.

If you ask me, ge.tt better than Mega. Just upload your sample(s) in a password protected archive.

I'll use ge.tt then, way easier.