Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Shamoon-4 - Rewrited and optimized unofficial Iranian hackers group wiper malware aka
[Image: 68747470733a2f2f692e696d6775722e636f6d2f...6a2e706e67]

MBR overwrite

This Shamoon does not destroy MBR sector vain like its brothers. Instead write message to boot screen, original bootloader code leaked from "Redboot" ransowmare by reverse engineering. 

To view the demonstration video, you can check YouTube link -
This Shamoon check for fallowing directory path - "C:\Python27". When exists does not do any activity and force close itself.
This project has been developed solely for learning purposes. The author is not affiliated with the Iranian hacker groups or any other groups. Any damage caused by this program/tool/malware on the user's responsibility.


Possibly Related Threads...
Thread Author Replies Views Last Post
Thumbsup - Malware hunting teamkelvinsecteam 1 91 04-17-2019, 11:49 AM
Last Post: dbcracker
  school of privacy VPN and privacy news and information cryptoaccstore 4 220 04-01-2019, 01:14 AM
Last Post: cryptoaccstore
  tknk_scanner Community-based integrated malware identification system teamkelvinsecteam 2 321 12-22-2018, 01:48 AM
Last Post: rf6686rf
  ph0neutria - malware zoo builder teamkelvinsecteam 0 287 10-22-2018, 08:46 PM
Last Post: teamkelvinsecteam
  Live Malware Samples KnifeBoss 2 1,208 01-19-2017, 04:01 PM
Last Post: KnifeBoss

Users browsing this thread: 1 Guest(s)