API tools faq
paste
MalwareMustDie

MalwareMustDie's Pastebin

An archive of MMD pastes until 2014 (inactive, museums)    204,828 1,075,756 0 12 years ago
Name / Title Added Expires Hits Comments Syntax  
ITW Campaign of Dyre Malware via Explopit CVE-2013-2729 PDF Oct 15th, 2014 Never 3,944 0 JavaScript -
PoC of the IptabLeX windows version exists Oct 15th, 2014 Never 3,243 0 ASM (NASM) -
Multiple China DDoS-er/backdoor payloads w/long shell cmd Oct 14th, 2014 Never 5,723 0 JavaScript -
.IptabLes|x comeback frade8c.com:9162 Oct 13th, 2014 Never 2,407 0 Bash -
China Windows DDoSer w/USA CNC 23.91.3.246 Oct 5th, 2014 Never 2,811 0 ASM (NASM) -
China Crooks White List snagged by MMD Sep 22nd, 2014 Never 10,486 0 None -
RFI - Bossa Sep 15th, 2014 Never 3,325 0 None -
Redundant Exploit Multi-Arc attack of BossaBot Sep 8th, 2014 Never 3,102 0 ASM (NASM) -
Redundant dirs for RFI attack BossaBot #Malwaremustdie! Sep 8th, 2014 Never 3,967 0 ASM (NASM) -
Chinese ELF: profild && keymap22 highlights.. Sep 2nd, 2014 Never 3,017 0 ASM (NASM) -
China Elf Malware & Kernel Exploit Factory Sep 2nd, 2014 Never 2,656 0 JavaScript -
Elf Remote DDoS Management Tools from China Jul 29th, 2014 Never 3,228 0 MIX Assembler -
TAOBAO China ELF DDoS'er Jul 28th, 2014 Never 4,195 0 MIX Assembler -
I'm a mu mu mu? Just a Crap! Jul 27th, 2014 Never 2,535 0 JavaScript -
Installation of the Autostart Scripts | China DDoSer Jun 16th, 2014 Never 2,910 0 ASM (NASM) -
Network Interface grabbed | China DDoSer Jun 16th, 2014 Never 3,853 0 ASM (NASM) -
Server sensitive info's grabbed | China DDoSer Jun 16th, 2014 Never 2,829 0 ASM (NASM) -
Updater function | China DDoS'er Jun 16th, 2014 Never 2,869 0 ASM (NASM) -
Zbic Decompression Data | China DDoSer Jun 16th, 2014 Never 3,190 0 ASM (NASM) -
DNS Flood Thread | China DDoSer Jun 16th, 2014 Never 3,447 0 ASM (NASM) -
SYN Flood Thread | China DDoSer Jun 16th, 2014 Never 3,268 0 ASM (NASM) -
Recent Incident of Linux ELF (LD_PRELOAD) libworker.so Jun 10th, 2014 Never 3,536 0 JavaScript -
Case #8 - Journey to Abused FTP Jun 4th, 2014 Never 2,727 0 JavaScript -
#MMD| xx(32|64)'s Symbol table | Elf analysis May 12th, 2014 Never 7,643 0 None -
libworker.so ALIVE sites May 10th, 2014 Never 3,706 0 None -
#MalwareMustDie! libworker.so malware library infected sites May 9th, 2014 Never 5,006 0 None -
Fake Installer downloads PUP Backdoor May 2nd, 2014 Never 2,305 0 JavaScript -
Mapping of PC Spambot April 2014 Upatre/GMO Apr 25th, 2014 Never 4,820 0 None -
Kelihos Infection APRIL 18th 2014 / last 16h monitoring Apr 17th, 2014 Never 3,065 0 None -
Kelihos Infection APRIL 17th 2014 / 12h Apr 17th, 2014 Never 3,715 0 None -
April 14th ~ Recorded #SSH Bruter Attacker Top List Apr 15th, 2014 Never 5,098 0 None -
American Express Phishing April 12 2014 Apr 12th, 2014 Never 3,107 0 JavaScript -
List of recent SSH default user's login attacker's IPs Apr 10th, 2014 Never 4,765 0 None -
Four full set of spam campaign gameovers Apr 5th, 2014 Never 2,668 0 JavaScript -
UPATRE ZZP of ZGMO campaign via Spam attachment Mar 26th, 2014 Never 2,522 0 JavaScript -
Upatre downloading Zeus Gameover (GMO) Mar 26th, 2014 Never 2,509 0 JavaScript -
Nuclear bai bai Mar 22nd, 2014 Never 2,399 0 None -
Nuclear RU part 3 Mar 22nd, 2014 Never 2,597 0 None -
Nuclear RU part 2 Mar 22nd, 2014 Never 2,396 0 None -
Nuclear OVH & DB Mar 22nd, 2014 Never 2,594 0 None -
Nuclear RU part 1 Mar 18th, 2014 Never 2,771 0 None -
GoogleCode RECENT Malware Abuse list (only).. Mar 16th, 2014 Never 2,467 0 None -
Trojan bankings served in Google Code Mar 16th, 2014 Never 2,924 0 None -
#MalwareMustDie! Recent Upatre downloads encrypted Zbot/GMO Mar 14th, 2014 Never 3,253 0 JavaScript -
Taiwan Kelihos infection Log Mar 12th, 2014 Never 2,602 0 None -
"Wattering" RAT HAVEX INFECTION VERDICT Mar 10th, 2014 Never 34,110 0 Java -
Logger, Backdoor SMTP, Downloader from China Mar 8th, 2014 Never 2,460 0 JavaScript -
Citadel PoC Mar 3rd, 2014 Never 2,745 0 None -
When Traffer and Infector crooks work together Mar 2nd, 2014 Never 2,543 0 JavaScript -
Amazon/Google abuse: Feb 27th, 2014 Never 3,260 0 PHP -
Tango Down Check: Nuclear follow up Feb 27th, 2014 Never 2,795 0 JavaScript -
Kuluoz Reversing "QUICK" Notes Feb 14th, 2014 Never 2,476 0 ASM (NASM) -
Hacked Site with the US IRC Server'S Perl ShellBot Feb 12th, 2014 Never 4,297 0 Perl -
#MalwareMustDie - Decoding Kelihos Simda download FakeAV Feb 10th, 2014 Never 3,484 0 JavaScript -
Have a "xmlrpc.php" & GooDork for Breakfast Feb 6th, 2014 Never 2,719 0 XML -
Phishing AMEX Script (neutralized) Feb 5th, 2014 Never 6,809 0 JavaScript -
A wtf suspicious TDS.. Jan 27th, 2014 Never 2,676 0 None -
Forensics Data - PowerLocker $str(MemDumps) Jan 17th, 2014 Never 2,311 0 None -
#Nuclear EK infection domain chains.. Jan 16th, 2014 Never 2,504 0 None -
#Simda Payload callbacks Traffic (origin: Kelihos Botnet) Jan 16th, 2014 Never 2,208 0 None -
#Cridex Trojan Infection IP Source per Jan 17 2014 Jan 16th, 2014 Never 4,079 0 None -
Trojan/PWS Win32/Cridex RETURNS Jan 15th, 2014 Never 2,638 0 None -
FUD Kelihos Jan 14th, 2014 Never 2,151 0 None -
Kuluoz - Latest Version | Binary DUMP Analysis Jan 14th, 2014 Never 9,326 0 None -
Shadow Logger Registry Trace in Memory Dump (forensics) Jan 2nd, 2014 Never 9,649 0 None -
Shadow Logger Process Record Jan 2nd, 2014 Never 2,435 0 None -
Shadow Logger PE Strings Jan 2nd, 2014 Never 3,265 0 None -
#MMD Tango Down 311/2,989 Dec 2nd, 2013 Never 2,273 0 None -
SURBL CryptoLocker Nov 13th, 2013 Never 3,516 0 None -
BOTNET KULUOZ/ ASPROX BACK WITH NEW EXCYPTION Nov 12th, 2013 Never 2,471 0 None -
Nuclear EK Landing Page in Japan serves Citadel Nov 8th, 2013 Never 2,126 0 JavaScript -
FaceBook IM & Web Driven Facebook Trojan with DGA Downloader Nov 7th, 2013 Never 8,328 0 JavaScript -
#MalwareMustDie - MORE Zbot Trojans UP and ALIVE Nov 5th, 2013 Never 2,157 0 None -
#MalwareMustDie! ZEUS links that needed to nuke down: Nov 5th, 2013 Never 2,263 0 None -
#MalwareMustDie - #PoC of HOW Kelihos Infecting via RedKit Nov 5th, 2013 Never 2,280 0 None -
#MalwareMustDie! Zombie PCs used by Botnet & Malware Nov 4th, 2013 Never 2,488 0 None -
The cracking of 709days used by RunForrestRun DGA Nov 2nd, 2013 Never 2,568 0 JavaScript -
DGA (PseudoRandom Domain) RunForrestRun, Decoding 1st Step Nov 2nd, 2013 Never 2,515 0 JavaScript -
#MalwareMustDie! Zeus Variant Payloads Oct 30th, 2013 Never 2,383 0 None -
#malwareMustDie - The #w00tw00t Attack log Oct 20th, 2013 Never 2,906 0 Apache Log -
YAra rule: Citadel Oct 15th, 2013 Never 2,336 0 None -
#MalwareMustDie! Peeking at Recent Blackhole via IncomingFAX Sep 19th, 2013 Never 2,317 0 None -
KELIHOS MALWARE DETECTION RATIO - BY AV SCANNING AT VT Aug 31st, 2013 Never 2,265 0 None -
OP CleanUp Kelihos, CN: Polandia/Polska Aug 13th, 2013 Never 2,346 0 None -
OP CleanUp Kelihos, CN: Japan Aug 13th, 2013 Never 2,795 0 None -
OP CleanUp Kelihos, CN: Romania Aug 13th, 2013 Never 2,298 0 None -
OP CleanUp Kelihos, CN: Russia Aug 13th, 2013 Never 2,918 0 None -
OP CleanUp Kelihos, CN: USA Aug 13th, 2013 Never 3,463 0 None -
OP CleanUp Kelihos, CN: India Aug 13th, 2013 Never 2,222 0 None -
#MalwareMustDie - Kelihos Botnet IP Aug 11, 2013 take 1 Aug 11th, 2013 Never 38,580 0 None -
#MalwareMustDie - Kelihos Botnet IP AUg 11, 2013 Aug 11th, 2013 Never 2,493 0 None -
#MalwareMustDie! Kelihos BotNet IP TOTAL Aug 10th 2013 Aug 10th, 2013 Never 7,511 0 None -
Chekcing Latest Kelihos .COM domains sinkhole status Aug 10th, 2013 Never 2,187 0 None -
#MalwareMustDie! Last milking today, sorted unique : 1307ip Aug 10th, 2013 Never 2,070 0 None -
Kelihos Hit US IP.. Aug 9th, 2013 Never 2,420 0 None -
#MalwareMustDie! Kelihos BotNet IP-2 Aug 10th 2013 Aug 9th, 2013 Never 3,839 0 None -
#MalwareMustDie - Log of Report of ANOTHER 2 Kelihos domains Aug 9th, 2013 Never 2,001 0 None -
#MalwareMustDie - Log of Report of 2 more Kelihos domains Aug 9th, 2013 Never 2,079 0 None -
#MalwareMustDie! Kelihos BotNet IP Aug 10th 2013 Aug 9th, 2013 Never 8,346 0 None -
#MalwareMustDie - Log of Report of 8 more Kelihos domains Aug 9th, 2013 Never 2,204 0 None -
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!