MalwareMustDie's Pastebin

Malware Crusade Battlefield - Near C2    85,818 348,413 6 years ago
Name / Title Added Expires Hits Syntax  
EK domains @ maykoe@list.ru Tango List Announcement Sep 1st, 16 Never 717 Lua -
xorddos+billgates new player Mar 27th, 16 Never 441 Lua -
BraziL BankTrojan VB.NET w/Embed bins 37MB Jan 30th, 16 Never 910 Lua -
Brazil stealer installer vb.net Jan 30th, 16 Never 430 Lua -
Brazil AutoIt Malware - Dropper & Shellexec's Jan 29th, 16 Never 723 Lua -
Qakbot Report (IR) Handles + CNC to block Jan 26th, 16 Never 591 Lua -
Badness in *.keyipin.com in PRC/China Dec 12th, 15 Never 156 Lua -
Check shellshock grep log - #MalwareMustDie Oct 16th, 14 Never 1,234 Bash -
ITW Campaign of Dyre Malware via Explopit CVE-2013... Oct 15th, 14 Never 1,345 JavaScript -
PoC of the IptabLeX windows version exists Oct 15th, 14 Never 714 ASM (NASM) -
Multiple China DDoS-er/backdoor payloads w/long sh... Oct 14th, 14 Never 2,303 JavaScript -
.IptabLes|x comeback frade8c.com:9162 Oct 13th, 14 Never 216 Bash -
SSH Bruter Block IP List 20141009 #MMD Oct 9th, 14 Never 1,103 MIX Assembler -
SSH Bruter Block IP List 20141008 #MMD Oct 8th, 14 Never 860 MIX Assembler -
China Windows DDoSer w/USA CNC 23.91.3.246 Oct 5th, 14 Never 757 ASM (NASM) -
China Crooks White List snagged by MMD Sep 22nd, 14 Never 4,990 None -
RFI - Bossa Sep 15th, 14 Never 751 None -
Redundant Exploit Multi-Arc attack of BossaBot Sep 8th, 14 Never 506 ASM (NASM) -
Redundant dirs for RFI attack BossaBot #Malwaremus... Sep 8th, 14 Never 388 ASM (NASM) -
#MalwareMustDie! Debugging a Ransomware Sep 8th, 14 Never 670 ASM (NASM) -
#MalwareMustDie! Howto Crack Latest WSO Obfuscatio... Sep 6th, 14 Never 1,311 PHP -
Chinese ELF: profild && keymap22 highlights.. Sep 2nd, 14 Never 662 ASM (NASM) -
China Elf Malware & Kernel Exploit Factory Sep 2nd, 14 Never 458 JavaScript -
BossaBot Moar ELF IRC skids, #MalwareMustDie Aug 26th, 14 Never 541 JavaScript -
Freedom Hosting FBI Shellcode Payload.. Aug 12th, 14 Never 6,618 JavaScript -
Freedom Hosting FBI Malware Infector (ForPayload) ... Aug 12th, 14 Never 1,281 JavaScript -
Freedom Hosting FBI IFRAME Redirector Malware Script Aug 12th, 14 Never 1,630 JavaScript -
Mayhem installer Aug 5th 2014 Aug 5th, 14 Never 696 JavaScript -
Evil SuperFetchExec PHP Script Aug 5th, 14 Never 2,111 PHP -
Elf Remote DDoS Management Tools from China Jul 29th, 14 Never 1,005 MIX Assembler -
TAOBAO China ELF DDoS'er Jul 28th, 14 Never 1,048 MIX Assembler -
#Mayhem Installer | latest one Jul 27th, 14 Never 401 PHP -
I'm a mu mu mu? Just a Crap! Jul 27th, 14 Never 476 JavaScript -
How to DOX & gather OnlineDate Site's Scammer ... Jun 21st, 14 Never 1,146 JavaScript -
Installation of the Autostart Scripts | China DDoSer Jun 16th, 14 Never 590 ASM (NASM) -
Network Interface grabbed | China DDoSer Jun 16th, 14 Never 489 ASM (NASM) -
Server sensitive info's grabbed | China DDoSer Jun 16th, 14 Never 494 ASM (NASM) -
Updater function | China DDoS'er Jun 16th, 14 Never 530 ASM (NASM) -
Zbic Decompression Data | China DDoSer Jun 16th, 14 Never 687 ASM (NASM) -
DNS Flood Thread | China DDoSer Jun 16th, 14 Never 725 ASM (NASM) -
SYN Flood Thread | China DDoSer Jun 16th, 14 Never 744 ASM (NASM) -
Recent Incident of Linux ELF (LD_PRELOAD) libworke... Jun 10th, 14 Never 623 JavaScript -
jinxed source2 of .SO ELF LD_PRELOAD PHP malware i... Jun 10th, 14 Never 377 PHP -
jinxed source1 of .SO ELF LD_PRELOAD PHP malware i... Jun 10th, 14 Never 427 PHP -
LD_PRELOAD .SO ELF MALWARE ATTACK FROM ROMANIA Jun 10th, 14 Never 375 JavaScript -
Zendran DDoS'er ELF Installer Script Jun 6th, 14 Never 409 PHP -
PowerBot Perl IRCBot | Case #8 - Journey to Abused... Jun 4th, 14 Never 695 Perl -
Perl IRCBot - Case #8: DDoS'er & Spreader Tool Jun 4th, 14 Never 1,268 Perl -
Case #8 - Journey to Abused FTP Jun 4th, 14 Never 548 JavaScript -
Snagged: Perl RFI Scanner Bot 0.1 Jun 2nd, 14 Never 837 Perl -
Snagged: Pbot Full Weaponized DDoS Jun 1st, 14 Never 4,578 PHP -
LD_PRELOAD .SO ELF MALWARE FRESH ATTACK FROM OVH, ... May 27th, 14 Never 2,361 PHP -
#MalwareMustDie | ZeusVM w/ 0x02 Signed Sample May 24th, 14 Never 898 MIX Assembler -
Older version installer script of malware libworke... May 19th, 14 Never 258 None -
#MMD| xx(32|64)'s Symbol table | Elf analysis May 12th, 14 Never 859 None -
libworker.so ALIVE sites May 10th, 14 Never 1,446 None -
#MalwareMustDie! libworker.so malware library infe... May 9th, 14 Never 1,344 None -
Hacked site of gogo2me Script Deobfuscated May 3rd, 14 Never 535 Java -
Fake Installer downloads PUP Backdoor May 2nd, 14 Never 316 JavaScript -
#CVE-2014-1776 May 1st, 14 Never 3,334 JavaScript -
Mapping of PC Spambot April 2014 Upatre/GMO Apr 25th, 14 Never 1,496 None -
Evil 302 Cushion TDS Pointing to fbt.yahoo.com/cou... Apr 24th, 14 Never 545 JavaScript -
Kelihos Infection APRIL 20th 2014 / last 64h Apr 19th, 14 Never 920 None -
Kelihos Infection APRIL 18th 2014 / last 27h Apr 17th, 14 Never 978 None -
Kelihos Infection APRIL 18th 2014 / last 16h monit... Apr 17th, 14 Never 884 None -
Kelihos Infection APRIL 17th 2014 / 12h Apr 17th, 14 Never 781 None -
April 14th ~ Recorded #SSH Bruter Attacker Top List Apr 15th, 14 Never 2,046 None -
And YET another PHP Injected Apr 12th, 14 Never 535 JavaScript -
Part2: And another PHP Injected | PHP/Redirector #... Apr 12th, 14 Never 488 JavaScript -
And another PHP Injected | PHP/ShellBot Apr 12th, 14 Never 519 JavaScript -
American Express Phishing April 12 2014 Apr 12th, 14 Never 805 JavaScript -
List of recent SSH default user's login attacker's... Apr 10th, 14 Never 1,196 None -
Four full set of spam campaign gameovers Apr 5th, 14 Never 591 JavaScript -
Upatre HTTPS "ComeBack" Disassm by IDA Apr 3rd, 14 Never 816 6502 ACME Cross Assembler -
PHP HAcked WP Case Mar 27th, 14 Never 855 JavaScript -
WPhack:nextstyle.php -- decoded #MalwareMustDie @u... Mar 27th, 14 Never 1,063 JavaScript -
UPATRE ZZP of ZGMO campaign via Spam attachment Mar 26th, 14 Never 532 JavaScript -
Upatre downloading Zeus Gameover (GMO) Mar 26th, 14 Never 532 JavaScript -
Nuclear bai bai Mar 22nd, 14 Never 388 None -
Nuclear RU part 3 Mar 22nd, 14 Never 535 None -
Nuclear RU part 2 Mar 22nd, 14 Never 403 None -
Nuclear OVH & DB Mar 22nd, 14 Never 550 None -
ELF Malware Analysis Mar 19th, 14 Never 593 JavaScript -
Nuclear RU part 1 Mar 18th, 14 Never 551 None -
Blob of PHP Shell Mar 18th, 14 Never 606 JavaScript -
GoogleCode RECENT Malware Abuse list (only).. Mar 16th, 14 Never 487 None -
Trojan bankings served in Google Code Mar 16th, 14 Never 859 None -
#MalwareMustDie! Recent Upatre downloads encrypted... Mar 14th, 14 Never 1,053 JavaScript -
Taiwan Kelihos infection Log Mar 12th, 14 Never 446 None -
"Wattering" RAT HAVEX INFECTION VERDICT Mar 10th, 14 Never 15,134 Java -
Turkish Trojan PHP SNS set (called page) Mar 10th, 14 Never 400 JavaScript -
Turkish Trojan JS SNS set (from Landing page) Mar 10th, 14 Never 444 JavaScript -
Logger, Backdoor SMTP, Downloader from China Mar 8th, 14 Never 454 JavaScript -
Turkish Banking Trojan CNC Request Analysis Mar 4th, 14 Never 411 PHP -
Citadel PoC Mar 3rd, 14 Never 676 None -
When Traffer and Infector crooks work together Mar 2nd, 14 Never 583 JavaScript -
Amazon/Google abuse: Feb 27th, 14 Never 801 PHP -
Tango Down Check: Nuclear follow up Feb 27th, 14 Never 557 JavaScript -
CookieBomb check pad Feb 26th, 14 Never 454 JavaScript -
#MalwareMustDie - background.js Feb 23rd, 14 Never 689 JavaScript -
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top