MalwareMustDie

MalwareMustDie's Pastebin

An archive of MMD pastes until 2014 (inactive, museums)    105,512 462,583 8 years ago
Name / Title Added Expires Hits Syntax  
Check shellshock grep log - #MalwareMustDie Oct 16th, 2014 Never 1,716 Bash -
ITW Campaign of Dyre Malware via Explopit CVE-2013... Oct 15th, 2014 Never 1,700 JavaScript -
PoC of the IptabLeX windows version exists Oct 15th, 2014 Never 1,198 ASM (NASM) -
Multiple China DDoS-er/backdoor payloads w/long sh... Oct 14th, 2014 Never 3,172 JavaScript -
.IptabLes|x comeback frade8c.com:9162 Oct 13th, 2014 Never 552 Bash -
SSH Bruter Block IP List 20141009 #MMD Oct 9th, 2014 Never 1,439 MIX Assembler -
SSH Bruter Block IP List 20141008 #MMD Oct 8th, 2014 Never 1,262 MIX Assembler -
China Windows DDoSer w/USA CNC 23.91.3.246 Oct 5th, 2014 Never 1,030 ASM (NASM) -
China Crooks White List snagged by MMD Sep 22nd, 2014 Never 8,388 None -
RFI - Bossa Sep 15th, 2014 Never 1,184 None -
Redundant Exploit Multi-Arc attack of BossaBot Sep 8th, 2014 Never 867 ASM (NASM) -
Redundant dirs for RFI attack BossaBot #Malwaremus... Sep 8th, 2014 Never 897 ASM (NASM) -
#MalwareMustDie! Debugging a Ransomware Sep 8th, 2014 Never 957 ASM (NASM) -
#MalwareMustDie! Howto Crack Latest WSO Obfuscatio... Sep 6th, 2014 Never 1,674 PHP -
Chinese ELF: profild && keymap22 highlight... Sep 2nd, 2014 Never 995 ASM (NASM) -
China Elf Malware & Kernel Exploit Factory Sep 2nd, 2014 Never 771 JavaScript -
BossaBot Moar ELF IRC skids, #MalwareMustDie Aug 26th, 2014 Never 1,109 JavaScript -
Mayhem installer Aug 5th 2014 Aug 5th, 2014 Never 1,040 JavaScript -
Evil SuperFetchExec PHP Script Aug 5th, 2014 Never 2,605 PHP -
Elf Remote DDoS Management Tools from China Jul 29th, 2014 Never 1,376 MIX Assembler -
TAOBAO China ELF DDoS'er Jul 28th, 2014 Never 1,460 MIX Assembler -
#Mayhem Installer | latest one Jul 27th, 2014 Never 691 PHP -
I'm a mu mu mu? Just a Crap! Jul 27th, 2014 Never 751 JavaScript -
Installation of the Autostart Scripts | China DDoS... Jun 16th, 2014 Never 904 ASM (NASM) -
Network Interface grabbed | China DDoSer Jun 16th, 2014 Never 943 ASM (NASM) -
Server sensitive info's grabbed | China DDoSe... Jun 16th, 2014 Never 810 ASM (NASM) -
Updater function | China DDoS'er Jun 16th, 2014 Never 877 ASM (NASM) -
Zbic Decompression Data | China DDoSer Jun 16th, 2014 Never 1,107 ASM (NASM) -
DNS Flood Thread | China DDoSer Jun 16th, 2014 Never 1,129 ASM (NASM) -
SYN Flood Thread | China DDoSer Jun 16th, 2014 Never 1,112 ASM (NASM) -
Recent Incident of Linux ELF (LD_PRELOAD) libworke... Jun 10th, 2014 Never 1,004 JavaScript -
jinxed source2 of .SO ELF LD_PRELOAD PHP malware i... Jun 10th, 2014 Never 713 PHP -
jinxed source1 of .SO ELF LD_PRELOAD PHP malware i... Jun 10th, 2014 Never 768 PHP -
LD_PRELOAD .SO ELF MALWARE ATTACK FROM ROMANIA Jun 10th, 2014 Never 643 JavaScript -
Zendran DDoS'er ELF Installer Script Jun 6th, 2014 Never 696 PHP -
PowerBot Perl IRCBot | Case #8 - Journey to Abused... Jun 4th, 2014 Never 1,161 Perl -
Perl IRCBot - Case #8: DDoS'er & Spreader... Jun 4th, 2014 Never 1,827 Perl -
Case #8 - Journey to Abused FTP Jun 4th, 2014 Never 939 JavaScript -
Snagged: Perl RFI Scanner Bot 0.1 Jun 2nd, 2014 Never 2,099 Perl -
Snagged: Pbot Full Weaponized DDoS Jun 1st, 2014 Never 5,142 PHP -
LD_PRELOAD .SO ELF MALWARE FRESH ATTACK FROM OVH,... May 27th, 2014 Never 2,949 PHP -
Older version installer script of malware libworke... May 19th, 2014 Never 575 None -
#MMD| xx(32|64)'s Symbol table | Elf analysis May 12th, 2014 Never 5,624 None -
libworker.so ALIVE sites May 10th, 2014 Never 1,796 None -
#MalwareMustDie! libworker.so malware library infe... May 9th, 2014 Never 1,860 None -
Fake Installer downloads PUP Backdoor May 2nd, 2014 Never 575 JavaScript -
Mapping of PC Spambot April 2014 Upatre/GMO Apr 25th, 2014 Never 2,787 None -
Evil 302 Cushion TDS Pointing to fbt.yahoo.com/cou... Apr 24th, 2014 Never 807 JavaScript -
Kelihos Infection APRIL 18th 2014 / last 16h monit... Apr 17th, 2014 Never 1,239 None -
Kelihos Infection APRIL 17th 2014 / 12h Apr 17th, 2014 Never 1,899 None -
April 14th ~ Recorded #SSH Bruter Attacker Top Lis... Apr 15th, 2014 Never 2,625 None -
And YET another PHP Injected Apr 12th, 2014 Never 808 JavaScript -
Part2: And another PHP Injected | PHP/Redirector #... Apr 12th, 2014 Never 754 JavaScript -
And another PHP Injected | PHP/ShellBot Apr 12th, 2014 Never 818 JavaScript -
American Express Phishing April 12 2014 Apr 12th, 2014 Never 1,216 JavaScript -
List of recent SSH default user's login attac... Apr 10th, 2014 Never 2,133 None -
Four full set of spam campaign gameovers Apr 5th, 2014 Never 932 JavaScript -
Upatre HTTPS "ComeBack" Disassm by IDA Apr 3rd, 2014 Never 1,447 6502 ACME Cross Assembler -
PHP HAcked WP Case Mar 27th, 2014 Never 1,186 JavaScript -
UPATRE ZZP of ZGMO campaign via Spam attachment Mar 26th, 2014 Never 808 JavaScript -
Upatre downloading Zeus Gameover (GMO) Mar 26th, 2014 Never 786 JavaScript -
Nuclear bai bai Mar 22nd, 2014 Never 658 None -
Nuclear RU part 3 Mar 22nd, 2014 Never 803 None -
Nuclear RU part 2 Mar 22nd, 2014 Never 665 None -
Nuclear OVH & DB Mar 22nd, 2014 Never 848 None -
Nuclear RU part 1 Mar 18th, 2014 Never 880 None -
Blob of PHP Shell Mar 18th, 2014 Never 1,479 JavaScript -
GoogleCode RECENT Malware Abuse list (only).. Mar 16th, 2014 Never 739 None -
Trojan bankings served in Google Code Mar 16th, 2014 Never 1,157 None -
#MalwareMustDie! Recent Upatre downloads encrypted... Mar 14th, 2014 Never 1,419 JavaScript -
Taiwan Kelihos infection Log Mar 12th, 2014 Never 717 None -
"Wattering" RAT HAVEX INFECTION VERDICT Mar 10th, 2014 Never 23,363 Java -
Turkish Trojan PHP SNS set (called page) Mar 10th, 2014 Never 649 JavaScript -
Turkish Trojan JS SNS set (from Landing page) Mar 10th, 2014 Never 714 JavaScript -
Logger, Backdoor SMTP, Downloader from China Mar 8th, 2014 Never 712 JavaScript -
Turkish Banking Trojan CNC Request Analysis Mar 4th, 2014 Never 652 PHP -
Citadel PoC Mar 3rd, 2014 Never 965 None -
When Traffer and Infector crooks work together Mar 2nd, 2014 Never 850 JavaScript -
Amazon/Google abuse: Feb 27th, 2014 Never 1,170 PHP -
Tango Down Check: Nuclear follow up Feb 27th, 2014 Never 852 JavaScript -
CookieBomb check pad Feb 26th, 2014 Never 708 JavaScript -
#MalwareMustDie - background.js Feb 23rd, 2014 Never 1,146 JavaScript -
Grey stuff: TDS Used Landing Page JS Code Feb 23rd, 2014 Never 631 JavaScript -
Page replacement..hard way to inject.. Feb 22nd, 2014 Never 570 Java -
Iframer JS Injection Feb 22nd, 2014 Never 668 JavaScript -
CookieBomb pad Feb 22nd, 2014 Never 601 JavaScript -
And another Perl DDoS Shell Bot Feb 21st, 2014 Never 1,537 Perl -
PerlBot Remote Downloader Feb 21st, 2014 Never 704 Perl -
Another PerlBot Shell Feb 21st, 2014 Never 1,078 Perl -
CookieBomb v2 - First Cushion Cookie Flow Step by... Feb 20th, 2014 Never 1,128 Java -
Kuluoz Reversing "QUICK" Notes Feb 14th, 2014 Never 683 ASM (NASM) -
Hacked Site with the US IRC Server'S Perl She... Feb 12th, 2014 Never 2,199 Perl -
#MalwareMustDie - Decoding Kelihos Simda download... Feb 10th, 2014 Never 1,751 JavaScript -
Have a "xmlrpc.php" & GooDork for Br... Feb 6th, 2014 Never 922 XML -
Phishing AMEX Script (neutralized) Feb 5th, 2014 Never 2,031 JavaScript -
CookieBomb v2 | the 2nd cushion: Google.JS Jan 29th, 2014 Never 674 JavaScript -
A wtf suspicious TDS.. Jan 27th, 2014 Never 829 None -
CookieBomb Case Jan 2014 Jan 22nd, 2014 Never 906 JavaScript -
Forensics Data - PowerLocker $str(MemDumps) Jan 17th, 2014 Never 592 None -
#Nuclear EK infection domain chains.. Jan 16th, 2014 Never 708 None -