Spoofer Posted November 11, 2013 Share Posted November 11, 2013 (edited) Dracula Logger This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up SCAN Filename : Dracula_Logger.exe Type : application/octet-stream Filesize : 1015808 bytes Date : 11/11/2013 - 18:41 GMT+2 MD5 : 701b97da47f919a627d4853a0d7870dc SHA1 : 30ca438893c80b89459883b65ecf224dfe83ea28 Status : Infected Result :18/33 AVG Free - Virus found PSW.ILUSpy ArcaVir - OK Avast - MSILAgent-TE [Drp] AntiVir (Avira) - TR/Dropper.MSIL.Gen BitDefender - GenVariant.Kazy.59581 VirusBuster Internet Security - OK Clam Antivirus - OK COMODO Internet Security - Malware@2ni2irt5ow4ms Dr.Web - OK eTrust-Vet - Win32/Tnega.XACC!suspicious F-PROT Antivirus - OK F-Secure Internet Security - GenVariant.Kazy.59581 G Data - GenVariant.Kazy.59581, MSIL IKARUS Security - Win32.SuspectCrc Kaspersky Antivirus - HEURTrojan.Win32.Generic McAfee - RDN/Generic Dropper!ne MS Security Essentials - OK ESET NOD32 - Trojan.MSIL/Injector.VJ Norman - winpe/Troj_Generic.LLWDF Norton Antivirus - OK Panda Security - OK A-Squared - Win32.SuspectCrc!IK Solo Antivirus - OK Sophos - OK Trend Micro Internet Security - OK VBA32 Antivirus - OK Ad-Aware - Trojan.Win32.Generic!BT BullGuard - GenVariant.Kazy.59581 Immunet Antivirus - OK K7 Ultimate - Trojan ( 001d712b1 ) NANO Antivirus - OK Panda CommandLine - OK VIPRE - Trojan.Win32.Generic=21BT Features -Mostly Undetected -Custom Installation/Startup Path -Icon Changer -Assembly Changer -Multi File Binder -Cure (Removes infection if you happen to accidentally, or intentionally infect yourself) -Installation Persistence -Execution Guard -Fake Error Message -Multi File Downloader -Melt (Self deletion after execution) -UAC Bypass (Beta, may not work 100% of the time) -Extension Spoofer -Stealers --Firefox --Chrome --Opera --MSN --DynDNS/No-IP --FileZilla --Pidgin --IMVU --Common CD Keys --Bitcoin Wallet --Minecraft .lastlogin MY TEST This is the hidden content, please Sign In or Sign Up Download : This is the hidden content, please Sign In or Sign Up Edited November 13, 2013 by sQuo link changed / Clean Link to comment Share on other sites More sharing options...
ernesplata Posted November 12, 2013 Share Posted November 12, 2013 Re: Dracula Logger Hey can u upload it from another server? solidfiles never works on my pc ._. try with sendspace.com THX good: Link to comment Share on other sites More sharing options...
Spoofer Posted November 12, 2013 Author Share Posted November 12, 2013 Re: Dracula Logger Hey can u upload it from another server? solidfiles never works on my pc ._. try with sendspace.com THX good: Added Mirror :whistling: Link to comment Share on other sites More sharing options...
zaqara Posted November 12, 2013 Share Posted November 12, 2013 Re: Dracula Logger This is the hidden content, please Sign In or Sign Up Windows 8.1 64 bit not_i Link to comment Share on other sites More sharing options...
x_h0rr0r_x Posted November 13, 2013 Share Posted November 13, 2013 (edited) Re: Dracula Logger Just to let you fellas know this shit is is keylogger its self..I would advise all of you to scan your computer with Malwarebytes This is the hidden content, please Sign In or Sign Up Creates file C:\Users\test\AppData\Roaming\Dracula Logger.exe Queries DNS "smtp.gmail.com". C:\Users\test\Desktop\Dracula_logger\Dracula_Logger.exe Connects to "74.125.134.108" on port 587 (TCP - SMTP). C:\Users\test\Desktop\Dracula_logger\Dracula_Logger.exe Connects to "23.72.224.200" on port 80 (TCP - HTTP). Creates process "C:\Users\test\AppData\Roaming\Dracula Logger.exe, C:\Users\test\AppData\Roaming\Dracula Logger.exe" , C:\Users\test\Desktop\Dracula_logger". Injects code into process "C:\Sandbox\test\DefaultBox\user\current\AppData\Roaming\Dracula Logger.exe". Creates value "Dracula Logger.exe=Dracula Logger" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\test\DefaultBox\user\current\AppData\Roaming binary data=440072006100630075006C00610020004C006F0067006700650072000000 Edited November 13, 2013 by x_h0rr0r_x Link to comment Share on other sites More sharing options...
sQuo Posted November 13, 2013 Share Posted November 13, 2013 Re: Dracula Logger link changed / clean file Link to comment Share on other sites More sharing options...
x_h0rr0r_x Posted November 13, 2013 Share Posted November 13, 2013 Re: Dracula Logger link changed / clean file Thanks Hum,Just 1 question..Did you find a clean file or did you clean it yourself? Link to comment Share on other sites More sharing options...
Recommended Posts