Closed PiRFale-Danger closed 3 months ago
Thank you so much! I will add this sample in the "Trojan" section (because it overwrites the MBR and in the tria.ge listing its named "RiasTrojan.exe"), when I get time. You didn't mention that it was made by you, so if it was (just in case), then tell me so I can change it to "Viewer-Made-Malware".
Edit:
Update: I have added the trojan after exactly a month lol, i just needed free time. Hope you enjoy! Its in Malware-Database>Viewer-Made-Malware>My-Database>Rias.zip . Hope I was helpful!
Ur welcome. I might start finding malware samples on Any.run, I've got some good ones, if u want me to upload them sooner or later.
Then u can ask.
YOO Please give me some samples bc i go any.run every month and theirs always new samples, like i went on their for my schedule yesterday and i found a good one called "Spy Stalker"
https://www.mediafire.com/file/has0hlfw7camp6s/goggle.com+trojan.7z/file pass: Infected I found this one. Kaspersky detected it as: Trojan-Proxy.Win32.Wopla.u
So is this the archive of the website, the trojan itself, or just generic spysheriff? btw can i have the any.run report if there is one?
Update: Ran in any.run, seems like a generic bomb trojan, but I will add it as it seems realistic to the video McAfee did in the late 2000s about it called "Spyware Rubbernecking."
Heres the report i did: https://app.any.run/tasks/74decefe-07db-41e8-8450-ba82e76bf9a7
Edit: I also added it in the trojans section. I might run it in Windows XP to test its validity soon.
I thought it was cool, since it has some archived adware.
oh thats cool
update: i tested it on windows xp and it was really interesting, it created temp files and even gave me a new malware to put in the database! (Live-Player)
It's basically another crappy MBR overwriter, nothing special and that's it. PS: Not a weeb
https://github.com/PiRFale-Danger/Terrible-Malware/raw/main/Rias.exe
https://tria.ge/240403-y456taca83