FAO - Apd (near London!)

Post by David
For your interest if you are not already familiar!
https://github.com/cxiao/rust-malware-gallery
Please let me know if it is helpful.

Not much. I tried to download samples. one place wanted a login and
another needed a password (which wasn't given) on the zip file.

What's the relevance of "near London"?

David

2025-02-26 20:09:26 UTC

Post by David
For your interest if you are not already familiar!
https://github.com/cxiao/rust-malware-gallery
Please let me know if it is helpful.

Not much. I tried to download samples. one place wanted a login and
another needed a password (which wasn't given) on the zip file.

Why are you averse to acting accordingly?

Have you already been involved with Rust?

The Trojan.OSX.RustAgent is a type of malware written in Rust —
modern, fast, and often used to bypass traditional antivirus detection.
Since ClamXAV quarantined it I suspect that it was 'real'.

Post by Apd
What's the relevance of "near London"?

Some folk might think you are from the USA!

--
David

2025-02-26 20:16:56 UTC

Post by David
For your interest if you are not already familiar!
https://github.com/cxiao/rust-malware-gallery
Please let me know if it is helpful.

Not much. I tried to download samples. one place wanted a login and
another needed a password (which wasn't given) on the zip file.

Why are you averse to acting accordingly?
Have you already been involved with Rust?
The Trojan.OSX.RustAgent is a type of malware written in Rust —
modern, fast, and often used to bypass traditional antivirus detection.
Since ClamXAV quarantined it I suspect that it was 'real'.
> What's the relevance of "near London"?
Some folk might think you are from the USA!

why would they do that

Brock McNuggets

2025-02-26 20:21:23 UTC

Post by David
For your interest if you are not already familiar!
https://github.com/cxiao/rust-malware-gallery
Please let me know if it is helpful.

Not much. I tried to download samples. one place wanted a login and
another needed a password (which wasn't given) on the zip file.

Why are you averse to acting accordingly?
Have you already been involved with Rust?
The Trojan.OSX.RustAgent is a type of malware written in Rust —
modern, fast, and often used to bypass traditional antivirus detection.
Since ClamXAV quarantined it I suspect that it was 'real'.

Could also be a false positive. Not saying I think it was.

Post by Apd
What's the relevance of "near London"?

Some folk might think you are from the USA!

--
Specialist in unnecessary details and overcomplicated solutions.

Apd

2025-02-26 20:29:13 UTC

Post by David
Please let me know if it is helpful.

Not much. I tried to download samples. one place wanted a login and
another needed a password (which wasn't given) on the zip file.

Why are you averse to acting accordingly?

What?

Post by David
Have you already been involved with Rust?

No.

Post by David
The Trojan.OSX.RustAgent is a type of malware written in Rust -
modern, fast, and often used to bypass traditional antivirus detection.

Many first versions do, irrespective of how they're written.

Post by David
Since ClamXAV quarantined it I suspect that it was 'real'.

You got it in a spam email, right? Emails are plain text, perhaps with
attachments encoded in base64 (still text). You could look yourself or
upload it somewhere I could look.

Post by Apd
What's the relevance of "near London"?

Some folk might think you are from the USA!

Why is that relevant?

David

2025-02-26 23:00:31 UTC

Post by David
Please let me know if it is helpful.

Not much. I tried to download samples. one place wanted a login and
another needed a password (which wasn't given) on the zip file.

Why are you averse to acting accordingly?

What?

Perhaps I misunderstood. *WHY* could you not download samples?

Post by David
Have you already been involved with Rust?

No.

Something new for you to explore then!

Post by David
The Trojan.OSX.RustAgent is a type of malware written in Rust -
modern, fast, and often used to bypass traditional antivirus detection.

Many first versions do, irrespective of how they're written.

You know this ...... *HOW*?

Post by David
Since ClamXAV quarantined it I suspect that it was 'real'.

You got it in a spam email, right? Emails are plain text, perhaps with
attachments encoded in base64 (still text). You could look yourself or
upload it somewhere I could look.

That's what ClamXAV appears to think.

Post by Apd
What's the relevance of "near London"?

Some folk might think you are from the USA!

Why is that relevant?

The USA has lost much goodwill in the last 10 days!
I hope our Prime Minister is not all touchy-feely with Mr Trump tomorrow
- like President Macron was recently!

Apd

2025-02-27 00:47:36 UTC

Post by David
Why are you averse to acting accordingly?

What?

Perhaps I misunderstood. *WHY* could you not download samples?

I can't open them without a password.

Post by David
Have you already been involved with Rust?

No.

Something new for you to explore then!

Maybe, maybe not.

Post by Apd
Many first versions do, irrespective of how they're written.

You know this ...... *HOW*?

Because I hung out in ACV/ACAV for years and was involved in malware
research. You know this.

Post by Apd
You got it in a spam email, right? Emails are plain text, perhaps with
attachments encoded in base64 (still text). You could look yourself or
upload it somewhere I could look.

That's what ClamXAV appears to think.

What, that you could inspect or upload it?

Post by David
Some folk might think you are from the USA!

Why is that relevant?

The USA has lost much goodwill in the last 10 days!

We live in interesting/dangerous times. It could all go horribly wrong
or shake politicians/leaders up enough to do something.

David

2025-02-27 10:27:08 UTC