Y
Hacker News
new
|
ask
|
show
|
jobs
by
mafriese
726 days ago
This "thing" is always spawning 3 processes at the time. The processes are always the ones from the virustotal link. I can upload the DLL to a file sharing service of your choice if you don't have a VT premium license. I can also provide an any.run link:
https://app.any.run/tasks/bc557b04-5025-46a1-a683-aad3b29b9a...
(installer)
https://app.any.run/tasks/e257e7f2-7837-4ed1-93c8-5d617d75cc...
(zip file containing the files). Let me know if you need further info :).
1 comments
jart
726 days ago
Is there a way for me to curl their executable into my UNIX terminal so I can read the assembly? Or does Any Run keep the samples to themselves? I know a lot about portable executable but very little about these online services.
link
mafriese
726 days ago
https://github.com/mafriese/scarecrow
Can upload any files you want there. Direct DL for one of the files:
https://github.com/mafriese/scarecrow/raw/main/autoruns.exe
link