All gists matching topic Malware

scusi's Avatar

scusi / dns_xor.go

0 likes
0 forks
1 files
Last active 6 months ago
DNS-Tunnel FrameworkPOS Malware golang
1 // domain data encoding/decoding algo for FrameworkPOS Malware DNS-Tunneling Variant,
2 // as described on:
3 // https://blog.gdata.de/artikel/neue-variante-von-frameworkpos-schoepft-daten-ueber-dns-anfragen-ab/
4 //
5
6 package main
7
8 import(
9 "fmt"
10 "os"
scusi's Avatar

scusi / gifExeExtract.go

0 likes
0 forks
1 files
Last active 6 months ago
go prog to extract EXE from GIF as Trojan-Ransom.Win32.Foreign did
GIF Malware
1 ## see also https://0x41414141.de/blog/2017-03-30-trojan-ransom.win32.foreign-hides-payload-exe-in-gif-file/
2 #
3 package main
4
5 import (
6 "bufio"
7 "bytes"
8 "container/ring"
9 "encoding/hex"
10 "flag"
Newer Older

Powered by Opengist Load: 75ms

English