MalwareDatabase icon indicating copy to clipboard operation
MalwareDatabase copied to clipboard

Published 20 hours ago verified publisher icon Endermanch

Malware like Spark doesn't work

Open Emo-BS opened this issue 3 years ago • 21 comments

i tried to run this fmv malware on my w11 vm but it didn't work, why?

Emo-BS avatar Sep 07 '21 16:09 Emo-BS

i tried to run this fmv malware on my w11 vm but it didn't work, why?

i think most of the viruses on this site are mainly aimed on w10 so its quite likely that it won't work on w11.

w10 things will run on w11

Deveroonie avatar Oct 15 '21 22:10 Deveroonie

Try disabling Windows Defender and Microsoft Smartscreen on the VM Microsoft detects a lot of the malware in this repo, so it is possible

iam-py-test avatar Oct 18 '21 12:10 iam-py-test

already tried with w7, 10 , 11 all of them got the same erorr before running Spark.exe

Emo-BS avatar Oct 18 '21 23:10 Emo-BS

already tried with w7, 10 , 11 all of them got the same erorr before running Spark.exe

Can you take a screenshot of the error and upload it to GitHub?

iam-py-test avatar Oct 18 '21 23:10 iam-py-test

unknown

Emo-BS avatar Oct 19 '21 12:10 Emo-BS

i've installed the .NET language if u asked me

Emo-BS avatar Oct 19 '21 13:10 Emo-BS

Let me test on my VM. Maybe it’s a sample-specific issue Which malware sample are you running? I don't see a spark.zip file

iam-py-test avatar Oct 19 '21 21:10 iam-py-test

The [email protected] one its the Spark (1).zip behind the erorr message but winrar icon doesn't appear on the .zip file :/

Emo-BS avatar Oct 20 '21 12:10 Emo-BS

I can reproduce the issue. The malware does not make any (noticeable) changes and does not persist in memory It creates no start-up item (that I saw) and made no changes to the file system or registry (that I saw - the only changes made to the system seemed just to be Microsoft doing what Microsoft does).

iam-py-test avatar Oct 20 '21 21:10 iam-py-test

So...what is that supposed to mean actually? if it's just broken and you need to send me the actual trojan by email there it is : [email protected] (it's not my personal email but owns it)

Emo-BS avatar Nov 06 '21 20:11 Emo-BS

So...what is that supposed to mean actually? if it's just broken and you need to send me the actual trojan by email there it is : [email protected] (it's not my personal email but owns it)

Not sure if you are talking to me or @Endermanch I don't have the actual trojan, so can't help

iam-py-test avatar Nov 06 '21 20:11 iam-py-test

some malware sample's are not working i don't know why but they are not working

azlan-syed avatar Dec 14 '21 15:12 azlan-syed

some malware sample's are not working i don't know why but they are not working

Some of the malware (i.e. Cookie Clicker & Noescape) requires you to install extra software to run it. Also be sure to update your Virtual Machine so it's running the latest Windows - some might not work on older Windows versions Which ones are you trying?

iam-py-test avatar Dec 14 '21 16:12 iam-py-test

see the list

On Tue, 14 Dec 2021 at 21:38, iam-py-test @.***> wrote:

some malware sample's are not working i don't know why but they are not working

Some of the malware (i.e. Cookie Clicker & Noescape) requires you to install extra software to run it. Also be sure to update your VM so it's running the latest Windows - some might not work on older Windows versions Which ones are you trying?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/Endermanch/MalwareDatabase/issues/206#issuecomment-993696132, or unsubscribe https://github.com/notifications/unsubscribe-auth/AV7DJIFIIRRKHBSP5UHTRRDUQ5TWHANCNFSM5DSXCCAA .

azlan-syed avatar Dec 15 '21 02:12 azlan-syed

some malware sample's are not working i don't know why but they are not working

Some of the malware (i.e. Cookie Clicker & Noescape) requires you to install extra software to run it. Also be sure to update your Virtual Machine so it's running the latest Windows - some might not work on older Windows versions Which ones are you trying?

i raised an issue you can see that in the issues page these malware sample's are not working well thanks in advance

azlan-syed avatar Dec 15 '21 02:12 azlan-syed

i raised an issue you can see that in the issues page these malware sample's are not working well thanks in advance

Sorry, I didn't see https://github.com/Endermanch/MalwareDatabase/issues/229. Your going to have to ask @Endermanch - I just saw this issue and decided to comment, I have no access and can't really help

iam-py-test avatar Dec 15 '21 02:12 iam-py-test

i raised an issue you can see that in the issues page these malware sample's are not working well thanks in advance

Sorry, I didn't see #229. Your going to have to ask @Endermanch - I just saw this issue and decided to comment, I have no access and can't really help

ok thanks

azlan-syed avatar Dec 15 '21 02:12 azlan-syed

i tried to run this fmv malware on my w11 vm but it didn't work, why?

bro try windows 10 it will be fine

azlan-syed avatar Dec 16 '21 03:12 azlan-syed

[email protected] needs to be renamed to "Spark.exe" (without quotes) to work due to way it's coded that relies on filename to be Spark.exe

pankoza2-pl avatar Mar 08 '22 20:03 pankoza2-pl

[email protected] needs to be renamed to "Spark.exe" (without quotes) to work due to way it's coded that relies on filename to be Spark.exe

Thanks. Now it works on a Windows 10 VM

iam-py-test avatar Mar 08 '22 21:03 iam-py-test

[email protected] needs to be renamed to "Spark.exe" (without quotes) to work due to way it's coded that relies on filename to be Spark.exe

Thanks a lot

azlan-syed avatar Mar 12 '22 04:03 azlan-syed