Shamoon-4 - Rewritten and optimized unofficial Iranian hackers group wiper malware aka
by teamkelvinsecteam - 01-18-2019, 03:43 PM

MBR overwrite

This Shamoon does not destroy the MBR sector in vain like its brothers. Instead, it writes a message to the boot screen; the original bootloader code was leaked from the "Redboot" ransomware by reverse engineering.

Demonstration
To view the demonstration video, you can check the YouTube link - https://youtu.be/XsY9wu5ZB4M
This Shamoon checks for the following directory path - "C:\Python27". When it exists, it does not do any activity and force-closes itself.
This project has been developed solely for learning purposes. The author is not affiliated with the Iranian hacker groups or any other groups. Any damage caused by this program/tool/malware is the user's responsibility.

