MalwareMustDie's Pastebin

An archive of MMD pastes until 2014 (inactive, museums) 174,394 869,735 0 11 years ago

Name / Title	Added	Expires	Hits	Syntax
ITW Campaign of Dyre Malware via Explopit CVE-2013-2729 PDF	Oct 15th, 2014	Never	3,347	JavaScript	-
PoC of the IptabLeX windows version exists	Oct 15th, 2014	Never	2,693	ASM (NASM)	-
Multiple China DDoS-er/backdoor payloads w/long shell cmd	Oct 14th, 2014	Never	5,140	JavaScript	-
.IptabLes\|x comeback frade8c.com:9162	Oct 13th, 2014	Never	1,895	Bash	-
China Windows DDoSer w/USA CNC 23.91.3.246	Oct 5th, 2014	Never	2,297	ASM (NASM)	-
China Crooks White List snagged by MMD	Sep 22nd, 2014	Never	9,897	None	-
RFI - Bossa	Sep 15th, 2014	Never	2,743	None	-
Redundant Exploit Multi-Arc attack of BossaBot	Sep 8th, 2014	Never	2,461	ASM (NASM)	-
Redundant dirs for RFI attack BossaBot #Malwaremustdie!	Sep 8th, 2014	Never	3,161	ASM (NASM)	-
Chinese ELF: profild && keymap22 highlights..	Sep 2nd, 2014	Never	2,445	ASM (NASM)	-
China Elf Malware & Kernel Exploit Factory	Sep 2nd, 2014	Never	2,085	JavaScript	-
Elf Remote DDoS Management Tools from China	Jul 29th, 2014	Never	2,675	MIX Assembler	-
TAOBAO China ELF DDoS'er	Jul 28th, 2014	Never	3,298	MIX Assembler	-
I'm a mu mu mu? Just a Crap!	Jul 27th, 2014	Never	2,032	JavaScript	-
Installation of the Autostart Scripts \| China DDoSer	Jun 16th, 2014	Never	2,313	ASM (NASM)	-
Network Interface grabbed \| China DDoSer	Jun 16th, 2014	Never	3,162	ASM (NASM)	-
Server sensitive info's grabbed \| China DDoSer	Jun 16th, 2014	Never	2,232	ASM (NASM)	-
Updater function \| China DDoS'er	Jun 16th, 2014	Never	2,269	ASM (NASM)	-
Zbic Decompression Data \| China DDoSer	Jun 16th, 2014	Never	2,555	ASM (NASM)	-
DNS Flood Thread \| China DDoSer	Jun 16th, 2014	Never	2,792	ASM (NASM)	-
SYN Flood Thread \| China DDoSer	Jun 16th, 2014	Never	2,652	ASM (NASM)	-
Recent Incident of Linux ELF (LD_PRELOAD) libworker.so	Jun 10th, 2014	Never	2,591	JavaScript	-
Case #8 - Journey to Abused FTP	Jun 4th, 2014	Never	2,206	JavaScript	-
#MMD\| xx(32\|64)'s Symbol table \| Elf analysis	May 12th, 2014	Never	7,066	None	-
libworker.so ALIVE sites	May 10th, 2014	Never	3,110	None	-
#MalwareMustDie! libworker.so malware library infected sites	May 9th, 2014	Never	4,151	None	-
Fake Installer downloads PUP Backdoor	May 2nd, 2014	Never	1,815	JavaScript	-
Mapping of PC Spambot April 2014 Upatre/GMO	Apr 25th, 2014	Never	4,277	None	-
Kelihos Infection APRIL 18th 2014 / last 16h monitoring	Apr 17th, 2014	Never	2,557	None	-
Kelihos Infection APRIL 17th 2014 / 12h	Apr 17th, 2014	Never	3,185	None	-
April 14th ~ Recorded #SSH Bruter Attacker Top List	Apr 15th, 2014	Never	4,407	None	-
American Express Phishing April 12 2014	Apr 12th, 2014	Never	2,560	JavaScript	-
List of recent SSH default user's login attacker's IPs	Apr 10th, 2014	Never	4,045	None	-
Four full set of spam campaign gameovers	Apr 5th, 2014	Never	2,148	JavaScript	-
UPATRE ZZP of ZGMO campaign via Spam attachment	Mar 26th, 2014	Never	2,033	JavaScript	-
Upatre downloading Zeus Gameover (GMO)	Mar 26th, 2014	Never	2,000	JavaScript	-
Nuclear bai bai	Mar 22nd, 2014	Never	1,882	None	-
Nuclear RU part 3	Mar 22nd, 2014	Never	2,069	None	-
Nuclear RU part 2	Mar 22nd, 2014	Never	1,904	None	-
Nuclear OVH & DB	Mar 22nd, 2014	Never	2,076	None	-
Nuclear RU part 1	Mar 18th, 2014	Never	2,199	None	-
GoogleCode RECENT Malware Abuse list (only)..	Mar 16th, 2014	Never	1,954	None	-
Trojan bankings served in Google Code	Mar 16th, 2014	Never	2,406	None	-
#MalwareMustDie! Recent Upatre downloads encrypted Zbot/GMO	Mar 14th, 2014	Never	2,732	JavaScript	-
Taiwan Kelihos infection Log	Mar 12th, 2014	Never	2,028	None	-
"Wattering" RAT HAVEX INFECTION VERDICT	Mar 10th, 2014	Never	31,544	Java	-
Logger, Backdoor SMTP, Downloader from China	Mar 8th, 2014	Never	1,936	JavaScript	-
Citadel PoC	Mar 3rd, 2014	Never	2,237	None	-
When Traffer and Infector crooks work together	Mar 2nd, 2014	Never	2,046	JavaScript	-
Amazon/Google abuse:	Feb 27th, 2014	Never	2,678	PHP	-
Tango Down Check: Nuclear follow up	Feb 27th, 2014	Never	2,282	JavaScript	-
Kuluoz Reversing "QUICK" Notes	Feb 14th, 2014	Never	1,955	ASM (NASM)	-
Hacked Site with the US IRC Server'S Perl ShellBot	Feb 12th, 2014	Never	3,705	Perl	-
#MalwareMustDie - Decoding Kelihos Simda download FakeAV	Feb 10th, 2014	Never	2,955	JavaScript	-
Have a "xmlrpc.php" & GooDork for Breakfast	Feb 6th, 2014	Never	2,188	XML	-
Phishing AMEX Script (neutralized)	Feb 5th, 2014	Never	4,559	JavaScript	-
A wtf suspicious TDS..	Jan 27th, 2014	Never	2,119	None	-
Forensics Data - PowerLocker $str(MemDumps)	Jan 17th, 2014	Never	1,823	None	-
#Nuclear EK infection domain chains..	Jan 16th, 2014	Never	1,994	None	-
#Simda Payload callbacks Traffic (origin: Kelihos Botnet)	Jan 16th, 2014	Never	1,710	None	-
#Cridex Trojan Infection IP Source per Jan 17 2014	Jan 16th, 2014	Never	3,465	None	-
Trojan/PWS Win32/Cridex RETURNS	Jan 15th, 2014	Never	2,112	None	-
FUD Kelihos	Jan 14th, 2014	Never	1,653	None	-
Kuluoz - Latest Version \| Binary DUMP Analysis	Jan 14th, 2014	Never	2,056	None	-
Shadow Logger Registry Trace in Memory Dump (forensics)	Jan 2nd, 2014	Never	2,548	None	-
Shadow Logger Process Record	Jan 2nd, 2014	Never	1,888	None	-
Shadow Logger PE Strings	Jan 2nd, 2014	Never	2,595	None	-
#MMD Tango Down 311/2,989	Dec 2nd, 2013	Never	1,800	None	-
SURBL CryptoLocker	Nov 13th, 2013	Never	3,003	None	-
BOTNET KULUOZ/ ASPROX BACK WITH NEW EXCYPTION	Nov 12th, 2013	Never	1,946	None	-
Nuclear EK Landing Page in Japan serves Citadel	Nov 8th, 2013	Never	1,654	JavaScript	-
FaceBook IM & Web Driven Facebook Trojan with DGA Downloader	Nov 7th, 2013	Never	2,701	JavaScript	-
#MalwareMustDie - MORE Zbot Trojans UP and ALIVE	Nov 5th, 2013	Never	1,679	None	-
#MalwareMustDie! ZEUS links that needed to nuke down:	Nov 5th, 2013	Never	1,758	None	-
#MalwareMustDie - #PoC of HOW Kelihos Infecting via RedKit	Nov 5th, 2013	Never	1,794	None	-
#MalwareMustDie! Zombie PCs used by Botnet & Malware	Nov 4th, 2013	Never	1,983	None	-
The cracking of 709days used by RunForrestRun DGA	Nov 2nd, 2013	Never	1,922	JavaScript	-
DGA (PseudoRandom Domain) RunForrestRun, Decoding 1st Step	Nov 2nd, 2013	Never	1,939	JavaScript	-
#MalwareMustDie! Zeus Variant Payloads	Oct 30th, 2013	Never	1,883	None	-
#malwareMustDie - The #w00tw00t Attack log	Oct 20th, 2013	Never	2,352	Apache Log	-
YAra rule: Citadel	Oct 15th, 2013	Never	1,853	None	-
#MalwareMustDie! Peeking at Recent Blackhole via IncomingFAX	Sep 19th, 2013	Never	1,828	None	-
KELIHOS MALWARE DETECTION RATIO - BY AV SCANNING AT VT	Aug 31st, 2013	Never	1,780	None	-
OP CleanUp Kelihos, CN: Polandia/Polska	Aug 13th, 2013	Never	1,863	None	-
OP CleanUp Kelihos, CN: Japan	Aug 13th, 2013	Never	2,285	None	-
OP CleanUp Kelihos, CN: Romania	Aug 13th, 2013	Never	1,810	None	-
OP CleanUp Kelihos, CN: Russia	Aug 13th, 2013	Never	2,447	None	-
OP CleanUp Kelihos, CN: USA	Aug 13th, 2013	Never	2,970	None	-
OP CleanUp Kelihos, CN: India	Aug 13th, 2013	Never	1,745	None	-
#MalwareMustDie - Kelihos Botnet IP Aug 11, 2013 take 1	Aug 11th, 2013	Never	36,091	None	-
#MalwareMustDie - Kelihos Botnet IP AUg 11, 2013	Aug 11th, 2013	Never	1,974	None	-
#MalwareMustDie! Kelihos BotNet IP TOTAL Aug 10th 2013	Aug 10th, 2013	Never	7,015	None	-
Chekcing Latest Kelihos .COM domains sinkhole status	Aug 10th, 2013	Never	1,696	None	-
#MalwareMustDie! Last milking today, sorted unique : 1307ip	Aug 10th, 2013	Never	1,579	None	-
Kelihos Hit US IP..	Aug 9th, 2013	Never	1,935	None	-
#MalwareMustDie! Kelihos BotNet IP-2 Aug 10th 2013	Aug 9th, 2013	Never	3,339	None	-
#MalwareMustDie - Log of Report of ANOTHER 2 Kelihos domains	Aug 9th, 2013	Never	1,488	None	-
#MalwareMustDie - Log of Report of 2 more Kelihos domains	Aug 9th, 2013	Never	1,608	None	-
#MalwareMustDie! Kelihos BotNet IP Aug 10th 2013	Aug 9th, 2013	Never	6,147	None	-
#MalwareMustDie - Log of Report of 8 more Kelihos domains	Aug 9th, 2013	Never	1,702	None	-

1 2 3 4 Oldest