Free tools for detecting Hacking Team malware in your systems

Discussion in 'other anti-malware software' started by ronjor, Jul 21, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,730
    Location:
    Texas
    http://www.net-security.org/malware_news.php?id=3079
     
    Last edited: Jul 21, 2015
  2. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    Thank you ronjor, I tried it, just to see, and it works.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Well, I downloaded the MSI version and all I got was a zipped download? Also no instructions on how to use the utility.
     
  4. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    331
    Tools like this are a bit redundant for the average Wilders visitor.

    Infections can still only happen in a number of ways.
    1. By injecting a malicious page into legitimate network traffic. (Requires access to the ISP)
    2. By making the user click on a link/document/backdoor.
    3. By having physical access to a machine.

    And the stacked set-up of an average Wilders member would probably already block such an attack.
     
  5. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,169
    Confirmed it does not run on Win 8.1 64 bit here.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,730
    Location:
    Texas
    Get the MSI version.
    https://www.rooksecurity.com/resources/downloads/

    Locate the zipped MSI file in downloads, double click the file and install. Windows will complain.

    Look in the start menu for Rook Milano. Select the program and a command window will appear. Read the preface. Follow directions. Q for quick scan. Would you like to use the default path for Windows? Select y, hit enter. Give it some time to scan and you will see when it is through. Hit the x to close the window.

    Go to the start menu, and right click Rook Milano and select properties. Under file properties, select open file location and look for last_scan-results and open it. It is a text document.
     
  7. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    Note that this is very basic detection of known versions of HT malware. The quick scan looks for known filenames and if something is found, its hash will be compared to the list of MD5s from Hacking Team. The deep scan compares all files on the system to the list.
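
The quick-scan and deep-scan logic described in the post above, as an added example that is not part of the thread and is not Rook Milano's code. The function names, file names and the single MD5 are constructed for illustration, and the sample tree is built in a temporary directory.

```python
import hashlib
import os
import tempfile

def md5_of(path, chunk=1 << 20):
    """MD5 of a file, streamed so large files are not loaded into memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def scan(root, known_md5s, known_names=None):
    """Deep scan when known_names is None: hash every file under root.
    Quick scan otherwise: hash only files whose name is on the list."""
    names = None if known_names is None else {n.lower() for n in known_names}
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if names is not None and name.lower() not in names:
                continue  # quick scan skips files with unlisted names
            path = os.path.join(dirpath, name)
            try:
                if md5_of(path) in known_md5s:
                    hits.append(path)
            except OSError:
                continue  # locked or unreadable file: skip, keep scanning
    return sorted(hits)

def demo():
    """Build a constructed sample tree and return (quick_hits, deep_hits)."""
    payload = b"constructed sample bytes, not real malware"
    samples = {
        "agent_sample.exe": payload,          # listed name, listed hash
        "renamed.tmp": payload,               # listed hash, unlisted name
        "helper_sample.dll": payload + b"!",  # listed name, different bytes
        "notes.txt": b"benign",
    }
    known_md5s = {hashlib.md5(payload).hexdigest()}  # constructed indicator
    known_names = ["agent_sample.exe", "helper_sample.dll"]
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        quick = [os.path.basename(p) for p in scan(root, known_md5s, known_names)]
        deep = [os.path.basename(p) for p in scan(root, known_md5s)]
    return quick, deep

if __name__ == "__main__":
    print(demo())
```

The renamed copy is reported only by the deep scan, and the file that differs by one byte is reported by neither, so a clean result rules out only the listed versions.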
     
  8. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Thanks. Will give it a go when I get a chance.
     
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Ran both quick and deep scan. I am clean as a whistle ..............
     
  10. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    357
    Weird. It ran fine with me.
     
  11. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,169
    So I got it to work and their VirusTotal report tagged an exe, but when I submitted that same exe to VirusTotal, it was only tagged by the first AVs listed; none of the major AVs flagged it.

    False positive in my mind
     