11 lines
687 B
Markdown
11 lines
687 B
Markdown
# Crypto Virus (coinprompt)
|
|
|
|
> **DISCLAIMER: DO NOT RUN THE CODE.** This repo contains malware written by somebody else. Provided for education purposes only.
|
|
|
|
- Source: https://bitbucket.org/coinprompt/coinprompt/src/master/
|
|
- Exploit: [https://bitbucket.org/coinprompt/coinprompt/src/master/server/controllers/snippingController.js line 263](https://bitbucket.org/coinprompt/coinprompt/src/9671a5978efe0c05dba120bb2bb7899bb5cc566d/server/controllers/snippingController.js#lines-263)
|
|
- Found 8 variants (100..=107)
|
|
- Deobfuscator: https://obf-io.deobfuscate.io/
|
|
- Most readable: [workspace/three.js](workspace/three.js)
|
|
- C&C server: http://95.164.17.24:1224 (down since the beginning)
|