Forensic
Friday 25 April 2014, 11:26 #1
C&C 3
Hi everybody,
is there someone who can shad some light on how the path has to look like before producing the checksum. There are so many possibilities.
Do I really need to use lower case letters only in the path. Should I use FAT12 naming with the truncated numbered filenames?
I really tried all combinations above but didn’t get a hit. I obviously found the malware as this is nescessary to solve C&C 4 but I can’t get #3 to work.
Cheers
Matse
Friday 8 April 2016, 00:02 #3
C&C 3
Found malware in 2 executables -validated with Virustotal- and problems to generate de md5 validation signature of the full path. I understand you have to generate a md5sum of C:\xxxxxx\xxxxx\xxxx.exe , right?
http://www.md5lab.com/word/ ????
Ohh my Gosh!!!!