User Infecting #Report 1

#1

ToneXfield

Title: NetGhost v.1.4 Proxy Grabber and Checker

User Name: MyWifeaMyComptr

UID: 2406283

User Profile: https://www.nulled.t...mywifeamycomptr


Used Diff VT link which was clean 

VT link he used: 


 

Sample:


 

 

Infected with NanoCore IP: 127.0.0.1:3218

fojasoftwareaudio.ignorelist.com port 3218


HTTPS REQUEST

.pastebin.com

GET /raw/7kcDT0fn HTTP/1.1

GET /raw/VAyUNc0W HTTP/1.1


-------------------------------------------------

 

fojasoftwareaudio.ignorelist.com

response: NXDOMAIN

https://www.virustot...ist.com/details

 

creates new folder

file: mggdfd.exe.bat

C:\Users\user\AppData\Local\Temp\iuytuyt\mggdfd.exe.bat

(md5: e6f4e34683764b280b18c5c2fd242959)


create new file

melt.bat

C:\Users\user\AppData\Local\Temp\iuytuyt\melt.bat

(md5: e37e452eba99d96f0333f21ec7b00295)


create new file

file NetGhost v1.4.0.0.exe

C:\Users\user\AppData\Local\Temp\NetGhost v1.4.0.0.exe
C:\Users\user\AppData\Local\Temp\iuytuyt\mggdfd.exe

(md5: 5cdbe3705956b9cf95e30da13d6ff178)

create new file

NetGhost_Latest.zip

C:\Users\user\AppData\Local\Temp\NetGhost_Latest.zip

(md5: d41d8cd98f00b204e9800998ecf8427e)

create new file

GDIPFONTCACHEV1.DAT

C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT

(md5: 1bba2e8a1b56ec52dd7805093b4839d3)

 

create new file

tbdadf.exe

C:\Users\user\AppData\Local\Temp\tbdadf.exe

(md5: 2e5f1cf69f92392f8829fc9c9263ae9b)

create new file

NG 1.4.exe

C:\Users\user\AppData\Local\Temp\NG 1.4.exe

(md5: 12189a91572eb3b56ada659ad4f57752)


Edited by ToneXfield, 03 June 2019 - 04:11 PM.

Malware Analysis / Reverse Engineer / Coder - KILL ON SIGHT -


#2

KiburiciSlave


I downloaded that shit man fuck of oooof



#3

ToneXfield

I downloaded that shit man fuck of oooof

I reported the thread, but just in case he removes everything, I have it here displayed. Don't download unless you want the sample.




#4

zelus

Nice one OP.

 

Good work.



the gods do not regard Reviews gotten with Vouch Copy so i do not.


