[AI] Cartman malware Thread

Cartman · 2 Febrero, 2024 20:08

free malware samples and source codes by the glorious 1337 gang.

Cartman · 25 Febrero, 2024 09:51

Link → https://osbsrilanka.org/dropdown.php
Malware Type → Webshell (infected website)
ASN → Namecheap-net, us (22612)
Hash → 21575610
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected]
Screenshot:

Cartman · 25 Febrero, 2024 09:55

Link → https://jonesourcing.com/dropdown.php
Malware Type → Webshell (infected website)
ASN → Namecheap-net, us (22612)
Hash → 264946576
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected]
Screenshot:

Cartman · 25 Febrero, 2024 10:05

Link → https://dermond-holding.com/prorevolutionist.php
Malware Type → Webshell (infected website)
ASN → O2switch, fr (50474)
Hash → 3862320563
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected]
Screenshot:

Cartman · 25 Febrero, 2024 10:17

Link → https://roboservice.xyz/isosmotically.php
Malware Type → Webshell (infected website)
ASN → Namecheap-net, us (22612)
Hash → 3575508594
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected]
Screenshot:
Additional Information:

Cartman · 29 Febrero, 2024 20:12

Url → hxxps://bestcookbook.info/file/WeightBook.exe (Dangerous)
IP → 67.43.234.48
Malware Type → Trojan.lazy/stealer
Detection Ratio → 50 / 70 (VirusTotal)

File Information (NEW):
SHA 256 → 01e92067f755318094e587539040862e456643d99d5fde603cee900d95fb0bb3
File size → 1.52 Megabytes (1594880)
DIE → Compiler: Microsoft Visual C/C++ (19.36.32824) || Linker: Microsoft Linker (14.36.32822) || Tool: Visual Studio (2022 version 17.6)
Magic → PE32+ (PE64)
Tags → spreader

Website Information:
ASN → Gtcomm, ca (36666)
Hash → 1402140703
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected], [email protected]
Screenshot:

Available options:
[Download]‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎[Similar]‏‏‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‎[Telemetry]‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ [Content]‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏‎ ‎‏‏ ‎[Webinfo]

Cartman · 1 Marzo, 2024 18:37

Link → https://mcmbakara.com/ezy.php
Malware Type → Webshell (infected website)
ASN → Namecheap-net, us (22612)
Hash → 4124853992
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected], [email protected]
Screenshot:

Cartman · 1 Marzo, 2024 18:47

Link → https://anglicannews.com.ng/ezy.php
Malware Type → Webshell (infected website)
ASN → Namecheap-net, us (22612)
Hash → 1496673589
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected], [email protected]
Screenshot:

Cartman · 1 Marzo, 2024 18:51

Link → https://serencity.ng/admin.php
Malware Type → Webshell (infected website)
ASN → Namecheap-net, us (22612)
Hash → 1546177611
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected], [email protected], [email protected]
Screenshot:

Cartman · 3 Marzo, 2024 08:24

Link → https://app-update.info/1/ZainCash/1/
Source Code → https://app-update.info/1/ZainCashLast.zip
Scam Type → Phishing
ASN → Hetzner-as, de (24940)
PhishTarget (Experimental) → ZainCash
Hash → 3367872551
Google Safebrowsing → False
Abuse Emails → [email protected], [email protected]
Screenshot:

Additional Information:
Telegram Chat ID ->497656935
Telegram Bot Token → 7079634820:AAGW1ExMish3mz6pLRP0hVnjZiGYThC0vgg

Cartman · 3 Marzo, 2024 08:34

Link → https://speedbreak.site/sub/install/
Source Code → https://speedbreak.site/sub.zip
Scam Type → Phishing
ASN → Leaseweb-nl-ams-01 netherlands, nl (60781)
PhishTarget (Experimental) → General
Hash → 3027000439
Google Safebrowsing → False
Abuse Emails →
Screenshot: