Heartbleed Checker

Heartbleed (CVE-2014-0160) is a vulnerability in the OpenSSL library that affects millions of websites. It allows any user on the internet to read system memory. Our team has been working to provide an alternative URL for users to check their web servers for vulnerable OpenSSL. Users can visit the following URL: http://heartbleed.honeynet.org.my/ If […]

TOR Based APK Trojan

Several security firms recently discovered TOR-based malware on the Android platform. When we received the sample, we did a quick analysis of it. MD5: 58FED8B5B549BE7ECBFBC6C63B84A728 SHA-1: 2E6DBFA85186AF23A598694D2667207A254F8979 The sample has been reported to have C&C capability that uses an unusual top-level domain name (.onion). This TLD is usually used by TOR. The use of Orbot TOR […]

Maybank Phishkit Analysis

Just a couple of days ago, we discovered a Maybank phishing kit that limits access to IP addresses from Malaysia only. The phishing kit is hosted on a server in the US. The access restriction is basically done via the .htaccess file. Directory of C:\temp\xyz\xyz\m2u\abc 07/04/2011 12:43 PM . 07/04/2011 12:43 PM .. 27/01/2011 01:12 AM 8,701 […]

MyKotakPasir: Solved major problem during automated analysis.

MyKotakPasir 2 is a malware sandbox developed by the Malware Research Center at MyCERT. A lot of improvements have been introduced since the first version. For instance, in the previous version, 2 different programming languages, namely Python and VB, were used to handle analysis work. Due to some teething problems with Python, I have changed everything to […]