.- - -----÷M÷E÷N÷U÷------------------------------------------------------------- --- ---- -------------. ! WALL ! STATS ! GOODIES ! YARA ! FAQ ! RSS ! EMV ! `-------------- - --- ---------- -------- -------- -------- -------- ----------------- - ---- ---- --'
__ .- - ---_\/_---------÷U÷S÷A÷G÷E÷--÷/÷--÷F÷A÷Q÷---------------------------------- --- ---- -------------. ! \/\/ ! ¦ ¦ ¦ Why ? ¦ ¦ Malwares targeting ATM platforms may be difficult to get for individuals who want to analyse more ¦ ¦ 'exotic' things. Over the years we are seeing more and more samples, and at CCT we tought it was ¦ ¦ the time to make a 'wall of samples' specific to atm malwares, this can also give an certain idea ¦ ¦ of the atm malware landscape evolution over the years. We hope to see also some new write-ups ¦ ¦ about undocumented malwares :) ¦ ¦ ¦ ¦ How can I use the datas ? ¦ ¦ As usual our policy is to CC0. the whole content of this website is released under Creative ¦ ¦ Common's CC0 1.0. We Believe in OSINT and thinks we can achieve great things by sharing datas. ¦ ¦ Feel free to do what you want with the datas and files hosted here. ¦ ¦ ¦ ¦ Can I contribute to the wall ? ¦ ¦ Yes, we are always looking for people who want to share valuable informations ¦ ¦ ie: yaras, samples, unpacks, paracetamol, swag, wine and cakes. ¦ ¦ If you found a mistake on the wall, or if something need a fix, if you have inquiries or whatever. ¦ ¦ Contact: coSnPtaActM@atm.cybercrime-tracker.net (remove all capital letters) ¦ ¦ Additionally we have a thread here on kernelmode.info: viewtopic.php?f=2&p=32702 ¦ ¦ ¦ ¦ Can I batch download the files ? ¦ ¦ Yes you can, we have a page here who list all the files. ¦ ¦ Hashs, with signature and date can be found here. ¦ ¦ ¦ ¦ Are the dates reliable ? ¦ ¦ Dates are based on first apparition on a public scanner service: Virus Total (for most.) ¦ ¦ We cannot guarantee correctness of the datas being presented and sometime when we thinks the date ¦ ¦ presented isn't good, we adjust it manually. Date aren't reliable but at least we try to get them ¦ ¦ as accurate as possible. ¦ ¦ ¦ ¦ What is 'FIRST RACE!' ? ¦ ¦ Some notice may be mentionned with 'FIRST RACE!' on Virscan line, it just indicate that we're ¦ ¦ the first to submit the file on VirusTotal, It does not necessarily mean it's something new used ¦ ¦ in the wild, but at least it mean this file definitely picked our attention, since somehow it ¦ ¦ passed out gate and we're the first to release it. ¦ ¦ ¦ ¦ How do I download ? ¦ ¦ Oh man, it's everywhere, use common sense. ¦ ¦ ¦ ¦ Liability: ¦ ¦ We refuse to take liability for any damage caused by the service. Since it is a very poisonous ¦ ¦ collection of data, we assume you are aware of potential dangers this implies to your computer ¦ ¦ systems that you have taken neccessary precautions to avoid harm to yourself and others and that ¦ ¦ you use this service at your very own risk. All hostiles files are packed into archives who are ¦ ¦ password protected. If reverse engineering doesn't appeal to you and that you are unsure about ¦ ¦ how to handle files from the collection, please don't. eg: misshandling that file can have ¦ ¦ disatrous consequence on the machine running it. ¦ ¦ Everything is provided as is. ¦ ¦ ¦ ¦ ¦ `----[cybercrime-tracker.net]----- - --- --------------------------------------------- - ---- ---- --'
