Shamoon-4 - Rewritten and optimized unofficial Iranian hackers group wiper malware aka
#1

MBR overwrite

This Shamoon does not destroy the MBR sector in vain like its brothers. Instead, it writes a message to the boot screen; the original bootloader code was leaked from the "Redboot" ransomware by reverse engineering.

Demonstration
To view the demonstration video, you can check the YouTube link - https://youtu.be/XsY9wu5ZB4M
This Shamoon checks for the following directory path - "C:\Python27". When it exists, it does not perform any activity and force-closes itself.
This project has been developed solely for learning purposes. The author is not affiliated with the Iranian hacker groups or any other groups. Any damage caused by this program/tool/malware is the user's responsibility.

