
Tuesday, May 14, 2013

HOIC INFORMATION

Virus Total:
SHA256: 3c9806f8e132917ef85512505fadaca733e5523c271dd2e2a6925ddb9c3d0df0
SHA1: 0b419c8b9f60cb9cb8957a6dbccb393b5d072e43
MD5: 451c94a23536dcbba422d7612b34b6ff
File size: 8.5 MB ( 8902228 bytes )
File name: hoic2.1.exe
File type: Win32 EXE
Tags: peexe mz
Detection ratio: 25 / 46
Analysis date: 2013-05-14 14:47:05 UTC

Ikarus: not-a-virus.Hacktool.HOIC
K7AntiVirus: Hacktool 
VBA32: Hacktool.DDoSer.2321
McAfee: -
AV: -
"not-a-virus.Hacktool.HOIC"

Additional Information:

ssdeep
49152:XKgsEyTPOoMjJWPDYtoAoB81BE7nNeHhkD9d5VGokmPh2U69mNGkpETUPSGvVuWs:TsEaQWrYtlKheZmq9ANP61tmf
TrID
InstallShield setup (29.4%)
Win32 EXE PECompact compressed (generic) (28.4%)
Win32 Executable MS Visual C++ (generic) (21.3%)
Windows Screen Saver (8.9%)
Win32 Dynamic Link Library (generic) (4.5%)
ExifTool
SubsystemVersion.........: 4.0
LinkerVersion............: 8.0
ImageVersion.............: 0.0
FileSubtype..............: 0
FileVersionNumber........: 1.0.0.0
UninitializedDataSize....: 0
LanguageCode.............: English (U.S.)
FileFlagsMask............: 0x003f
CharacterSet.............: Unicode
InitializedDataSize......: 679936
FileOS...................: Win32
Country..................: 
MIMEType.................: application/octet-stream
LegalCopyright...........: 
FileVersion..............: 1.0.0.0
TimeStamp................: 2008:02:06 17:58:42+00:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: 
FileAccessDate...........: 2013:05:14 15:46:59+01:00
ProductVersion...........: 
FileDescription..........: 
Release..................: Development
OSVersion................: 4.0
FileCreateDate...........: 2013:05:14 15:46:59+01:00
OriginalFilename.........: hoic.exe
Subsystem................: Windows GUI
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: 
CodeSize.................: 1474560
ProductName..............: 
ProductVersionNumber.....: 1.0.0.0
EntryPoint...............: 0x15582f
ObjectFileType...........: Executable application
Portable Executable structural information
Compilation timedatestamp.....: 2008-02-06 17:58:42
Target machine................: Intel 386 or later processors and compatible processors
Entry point address...........: 0x0015582F

PE Sections...................:

Name        Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text                  4096       1472181   1474560     6.63  3ed7acfe70b41f6553a6ab207dc3b595
.rdata              1478656        216654    217088     6.10  cbf161d8a00f96c4e1b9e3ed8d194750
.data               1695744        430624    278528     2.09  cd66d1511bb815a3b68d4e63fc5a7c9d
.rsrc               2129920         27256     28672     4.30  f0ec48234dc728252789002f974c8652

PE Imports....................:

[[COMDLG32.dll]]
PrintDlgA, ChooseColorA, GetSaveFileNameW, PageSetupDlgA, GetOpenFileNameW

[[VERSION.dll]]
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW

[[WINMM.dll]]
mciSendStringA, midiOutShortMsg, mciSendStringW, midiOutOpen, midiOutClose

[[GDI32.dll]]
GetEnhMetaFileA, GetTextMetricsW, SetMapMode, GetSystemPaletteEntries, Polygon, CreateDIBSection, CreatePen, CreateFontIndirectA, GetTextMetricsA, CombineRgn, SetStretchBltMode, DeleteEnhMetaFile, GetPixel, Rectangle, CreateMetaFileW, GetObjectA, ExcludeClipRect, TranslateCharsetInfo, LineTo, DeleteDC, SetDIBitsToDevice, StretchBlt, EndDoc, GetMetaFileA, SelectObject, StartPage, DeleteObject, CreateBitmap, CloseMetaFile, GetFontLanguageInfo, CreateCompatibleBitmap, RealizePalette, SetTextColor, CreatePatternBrush, GetDeviceCaps, CreateEnhMetaFileW, BitBlt, SetAbortProc, CreateDCA, EnumFontsW, CreateICA, MoveToEx, CreatePalette, EnumFontFamiliesExW, CreateDIBitmap, SetViewportOrgEx, SelectPalette, GetDIBits, SetTextAlign, SelectClipRgn, RoundRect, CreateFontW, SetBkMode, StretchDIBits, CloseEnhMetaFile, SetBrushOrgEx, EndPage, CreateRectRgn, GetClipRgn, StartDocA, DeleteMetaFile, EnumEnhMetaFile, GetEnhMetaFileHeader, CreateBrushIndirect, CreateSolidBrush, SetViewportExtEx, GetStockObject, SetPixelV, SetWindowExtEx, GetTextExtentPoint32W, Ellipse, CreateCompatibleDC

[[SHELL32.dll]]
DragQueryFileW, SHBrowseForFolderW, DragAcceptFiles, SHFileOperationW, ShellExecuteW, SHGetPathFromIDListW, SHGetSpecialFolderLocation, SHGetDesktopFolder, Shell_NotifyIconW, SHGetMalloc, DragFinish

[[KERNEL32.dll]]
GetStdHandle, GetConsoleOutputCP, FileTimeToSystemTime, GetOverlappedResult, WaitForSingleObject, HeapDestroy, GetFileAttributesW, GetLocalTime, FreeEnvironmentStringsA, DeleteCriticalSection, GetCurrentProcess, CompareFileTime, GetConsoleMode, GetLocaleInfoA, _llseek, GetLogicalDrives, FreeEnvironmentStringsW, SetCommTimeouts, GetLocaleInfoW, SetStdHandle, GetCommModemStatus, IsDBCSLeadByteEx, WideCharToMultiByte, GetStringTypeA, WriteFile, _lopen, GetSystemTimeAsFileTime, HeapReAlloc, GetStringTypeW, FreeLibrary, GetTimeZoneInformation, LoadResource, GetLogicalDriveStringsW, FindClose, TlsGetValue, MoveFileW, SetFileAttributesW, GetStringTypeExA, GetEnvironmentVariableW, SetLastError, GetSystemTime, InitializeCriticalSection, CopyFileW, GetUserDefaultLangID, OutputDebugStringW, RemoveDirectoryW, IsDebuggerPresent, HeapAlloc, GetVersionExA, GetModuleFileNameA, QueryPerformanceFrequency, GetUserDefaultLCID, SetHandleCount, UnhandledExceptionFilter, InterlockedDecrement, MultiByteToWideChar, SetFilePointer, _lclose, SetEnvironmentVariableW, GetSystemDirectoryW, SetUnhandledExceptionFilter, MulDiv, ClearCommError, GetSystemDirectoryA, TerminateProcess, WriteConsoleA, SetCurrentDirectoryW, GetCommState, LocalFileTimeToFileTime, SetEndOfFile, GetCurrentThreadId, LeaveCriticalSection, WriteConsoleW, HeapFree, EnterCriticalSection, SetCommBreak, LoadLibraryW, GetOEMCP, QueryPerformanceCounter, GetTickCount, TlsAlloc, VirtualProtect, FlushFileBuffers, LoadLibraryA, RtlUnwind, GlobalSize, GetStartupInfoA, GetDateFormatA, GetWindowsDirectoryW, GetFileSize, GetModuleHandleW, GetCommProperties, CreateDirectoryW, DeleteFileW, GlobalLock, _lread, GetProcessHeap, GetTempFileNameW, CompareStringW, GlobalReAlloc, GetModuleFileNameW, ExpandEnvironmentStringsW, FindNextFileW, GlobalFree, lstrcpyA, ResetEvent, FindFirstFileW, GetProcAddress, EscapeCommFunction, CreateEventW, SetCommState, CreateFileW, CreateEventA, GetFileType, TlsSetValue, CreateFileA, ExitProcess, 
InterlockedIncrement, GetLastError, SystemTimeToFileTime, LCMapStringW, GetShortPathNameW, GetFileTime, GetConsoleCP, LCMapStringA, GetEnvironmentStringsW, GlobalUnlock, GlobalAlloc, FileTimeToLocalFileTime, GetEnvironmentStrings, GetCurrentDirectoryW, GetCurrentProcessId, LockResource, SetFileTime, GetCommandLineW, GetCPInfo, ClearCommBreak, HeapSize, GetCommandLineA, GetCurrentThread, RaiseException, CompareStringA, TlsFree, GetModuleHandleA, ReadFile, CloseHandle, GetACP, GetVersion, GetLongPathNameW, IsValidCodePage, HeapCreate, GetTempPathW, VirtualFree, Sleep, IsBadReadPtr, FindResourceA, VirtualAlloc, GetTimeFormatA

[[OLEAUT32.dll]]
Ord(419), Ord(424), Ord(6), Ord(2)

[[IPHLPAPI.DLL]]
GetAdaptersInfo

[[ADVAPI32.dll]]
RegCreateKeyExW, RegCloseKey, AccessCheck, RegDeleteKeyW, RegQueryValueExW, GetFileSecurityW, RegisterEventSourceW, DeregisterEventSource, RegOpenKeyExW, ImpersonateSelf, SetServiceStatus, RegQueryInfoKeyW, RegDeleteValueW, RegEnumKeyExW, OpenThreadToken, RegisterServiceCtrlHandlerA, MapGenericMask, RegEnumValueW, RevertToSelf, StartServiceCtrlDispatcherA, RegSetValueExW, ReportEventW

[[ole32.dll]]
OleUninitialize, CoUninitialize, CoInitialize, OleInitialize, CoCreateInstance, CLSIDFromString, RegisterDragDrop, CLSIDFromProgID, DoDragDrop, RevokeDragDrop, CoTaskMemAlloc, CoTaskMemFree, CoGetClassObject

[[USER32.dll]]
RedrawWindow, GetMessagePos, CharLowerBuffA, DestroyMenu, GetForegroundWindow, SetWindowPos, DispatchMessageA, EndPaint, VkKeyScanA, CharUpperBuffA, WindowFromPoint, DrawIcon, GetMessageTime, SetMenuItemInfoW, DispatchMessageW, GetCursorPos, ChildWindowFromPointEx, GetMenuStringW, GetMenu, IsClipboardFormatAvailable, SendMessageA, GetClassInfoW, DefMDIChildProcW, DrawTextW, SetScrollPos, GetWindowTextLengthA, GetSysColor, ClientToScreen, GetActiveWindow, ShowCursor, GetWindowTextW, LoadImageA, GetTopWindow, InvalidateRgn, GetMenuItemID, DestroyWindow, DrawEdge, GetParent, UpdateWindow, SetPropA, EnumWindows, GetMenuState, GetMessageW, ShowWindow, GetPropA, EnumDisplayMonitors, PeekMessageW, TranslateMDISysAccel, EnableWindow, PeekMessageA, TranslateMessage, GetAsyncKeyState, GetWindow, RegisterClassW, CreateCursor, GetIconInfo, SetParent, SetClipboardData, ScrollWindow, IsZoomed, SetWindowLongW, DrawMenuBar, EnableMenuItem, InvertRect, WindowFromDC, GetWindowLongA, CreateWindowExA, FillRect, CopyRect, GetSysColorBrush, CreateWindowExW, CreateMenu, GetMenuItemInfoW, DragDetect, SetFocus, MapVirtualKeyA, PostMessageA, BeginPaint, OffsetRect, DefWindowProcW, GetScrollPos, KillTimer, GetMonitorInfoA, RegisterWindowMessageA, DefWindowProcA, DrawFocusRect, GetClipboardData, GetSystemMetrics, IsIconic, SetScrollRange, GetWindowRect, InflateRect, RegisterClassA, SetCapture, ReleaseCapture, EnumChildWindows, SetWindowLongA, InvalidateRect, RemovePropA, CreatePopupMenu, CheckMenuItem, GetSubMenu, DrawIconEx, SetWindowTextW, SetTimer, BringWindowToTop, FindWindowW, ScreenToClient, LoadCursorA, LoadIconA, TrackPopupMenu, GetMenuItemCount, CreateIconFromResourceEx, CreateIconFromResource, GetSystemMenu, GetDC, InsertMenuW, SetForegroundWindow, OpenClipboard, EmptyClipboard, ReleaseDC, GetScrollRange, GetScrollInfo, CreateIconIndirect, MessageBeep, MessageBoxW, SendMessageW, DrawFrameControl, SetMenu, RegisterClipboardFormatA, MoveWindow, MessageBoxA, GetWindowDC, DestroyCursor, 
LoadCursorFromFileW, MsgWaitForMultipleObjectsEx, SetScrollInfo, GetKeyState, SystemParametersInfoA, GetDoubleClickTime, DestroyIcon, CreateMDIWindowW, GetWindowLongW, DefFrameProcW, IsWindowVisible, FrameRect, SetRect, DeleteMenu, GetKeyNameTextW, wsprintfA, CallWindowProcW, AdjustWindowRect, GetClientRect, ValidateRect, GetClassNameA, GetFocus, CloseClipboard, SetCursor

[[COMCTL32.dll]]
ImageList_Create, Ord(17), InitCommonControlsEx, ImageList_Destroy, ImageList_Add

PE Resources..................:

Resource type            Number of resources
RT_ICON                  6
RT_GROUP_CURSOR          3
RT_CURSOR                3
RT_MANIFEST              1
PICKLE                   1
RT_VERSION               1
RT_GROUP_ICON            1

Resource language        Number of resources
ENGLISH US               16
ClamAV PUA Engine
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .
First seen by VirusTotal
2010-12-10 07:32:17 UTC ( 2 years, 5 months ago )
Last seen by VirusTotal
2013-05-14 14:47:05 UTC ( 2 minutes ago )
File names (max. 25)
  1. hoic2.exe
  2. HOIC.exe
  3. 451c94a23536dcbba422d7612b34b6ff
  4. 1598819
  5. HOIC2.1.exe
  6. output.1598819.txt
  7. hoic2.1.exe
  8. "hoic2.1.exe"
  9. hoic2.1.exe
  10. smona_3c9806f8e132917ef85512505fadaca733e5523c271dd2e2a6925ddb9c3d0df0.bin
  11. hoic2.1.ex
 

DDOS TOOL LIST FROM ANONYMOUS 2.0



LOIC
Download: http://adf.ly/TWxyq
Info: http://xenonymous.blogspot.de/2013/05/loic-information.html

HOIC
Download: http://adf.ly/TWy8E *coming soon*
Info: http://xenonymous.blogspot.de/2013/05/hoic-information.html
Other links (not official):

HOIC-Download  
http://adf.ly/TWyD3

Pentbox
Download: http://adf.ly/TWyHf

Slowloris
Usage & DL Mirrors: http://adf.ly/TWyMM
Download links here http://adf.ly/TWyTq


r-u-dead-yet?
Download : http://adf.ly/TWyYh


hping2
Download: http://adf.ly/TWydm
hping[2 or 3] [TARGET] -p [PORT] --flood [PACKET TYPE] [OTHER OPTIONS]
4 moar options take a look @ http://pastebin.com/uM1MjN4b



for advanced users:
http://www.thc.org/thc-ssl-dos/

Visit me on Facebook: https://www.facebook.com/pages/Anonymous-Blog-by-Xenonymous/395615810514296



Old:

DDoS Tool List From Anonymous

DDOS TOOLS LIST!
DDoSim (Linux) - Download => http://adf.ly/TWymG
Loris - Download => http://adf.ly/TWytV
  => http://www.hping.org/download.php | Instructions =>
Tor's Hammer => http://adf.ly/TWyzi

LOIC: http://adf.ly/TWz5x



Sunday, May 12, 2013

LOIC INFORMATION

SourceForge:
Low Orbit Ion Cannon.

The project just keeps and maintains (bug fixing) the code written by the original author, Praetox, but is not associated or related with it.

DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES.

RESULT: HackTool.MSIL.Loic.de (Not a Virus)


Virus Total:
SHA256: 1b26fcf0da549a47dceefb4e99fd520d63dec3a7cd539d3edcf1d7c1d4a95fd5
SHA1: 26ef60c870017ebc85901fb2fbce740b82032eb1
MD5: b596e7cacbad1e814b0cd053086c4900
File size: 132.0 KB ( 135168 bytes )
File name: LOIC.exe
File type: Win32 EXE
Tags: peexe assembly mz
Detection ratio: 36 / 46
Analysis date: 2013-05-12 16:34:34 UTC





ssdeep
1536:g9hnd0LAv8k8h/OseMoZKAGRANEiNn8tW6zon4vW48N4Q+X/TsLLbyXPnDlzuZe0:KiLnkqtBoZ9B8ccW48kLcpZi4Vdf
TrID
Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (7.2%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
ExifTool
FileDescription..........: Low Orbit Ion Cannon
Comments.................: TCP/IP stress-test tool
LinkerVersion............: 8.0
ImageVersion.............: 0.0
ProductName..............: Low Orbit Ion Cannon
FileVersionNumber........: 1.0.7.0
LanguageCode.............: Neutral
FileFlagsMask............: 0x003f
CharacterSet.............: Unicode
InitializedDataSize......: 19968
OriginalFilename.........: LOIC.exe
MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
FileVersion..............: 1.0.7.0
TimeStamp................: 2012:01:29 10:04:31+00:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: LOIC.exe
SubsystemVersion.........: 4.0
FileAccessDate...........: 2013:05:12 17:34:13+01:00
ProductVersion...........: 1.0.7.0
UninitializedDataSize....: 0
OSVersion................: 4.0
FileCreateDate...........: 2013:05:12 17:34:13+01:00
FileOS...................: Win32
LegalCopyright...........: Public domain
MachineType..............: Intel 386 or later, and compatibles
CodeSize.................: 114688
FileSubtype..............: 0
ProductVersionNumber.....: 1.0.7.0
EntryPoint...............: 0x1de7e
ObjectFileType...........: Executable application
AssemblyVersion..........: 1.0.7.0
Sigcheck
product..................: Low Orbit Ion Cannon
description..............: Low Orbit Ion Cannon
file version.............: 1.0.7.0
original name............: LOIC.exe
strong name..............: Signed
comments.................: TCP/IP stress-test tool
version..................: 1.0.7.0
internal name............: LOIC.exe
copyright................: Public domain
link date................: 11:04 AM 1/29/2012
Portable Executable structural information
Compilation timedatestamp.....: 2012-01-29 10:04:31
Target machine................: Intel 386 or later processors and compatible processors
Entry point address...........: 0x0001DE7E

PE Sections...................:

Name        Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text                  8192        114308    114688     7.59  0d080ec0ea8cc25e0170d587dd63ac47
.rsrc                122880         19264     19456     6.52  f21a95feec6e9209f5fc1cbccc1ed6f6
.reloc               147456            12       512     0.10  825a5e453d530acd3dbd4031046c9db5

PE Imports....................:

[[mscoree.dll]]
_CorExeMain

PE Resources..................:

Resource type            Number of resources
RT_ICON                  4
RT_GROUP_ICON            1
RT_VERSION               1
RT_MANIFEST              1

Resource language        Number of resources
NEUTRAL                  7
ClamAV PUA Engine
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .
First seen by VirusTotal
2012-01-29 16:25:46 UTC ( 1 year, 3 months ago )
Last seen by VirusTotal
2013-05-12 16:34:34 UTC ( 6 minutes ago )
File names (max. 25)
  1. HOIC.exe
  2. Extreme%20Ddoser%20v2.122%20loic.exe
  3. LOIC.exe
  4. LOIC.exe_
  5. b596e7cacbad1e814b0cd053086c4900
  6. LOIC-1.exe
  7. LOIC1.0.7.42.exe
  8. LOIC 2.exe
  9. LOIC (2).exe
  10. 077
  11. LOIC.exe
  12. HackTool.exe
  13. Low Orbit Ion Cannon.exe
  14. LOWORBITIONCANNON.exe
  15. LOIC 1.0.7.42.exe
  16. Low Orbbit Ion Cannon.exe
  17. LOIC.exe
  18. 4.LOIC ПРОГРАММА.exe
  19. 1B26FCF0DA549A47DCEEFB4E99FD520D63DEC3A7CD539D3EDCF1D7C1D4A95FD5.exe
  20. LOIC (2012_11_02 16_22_21 UTC).exe
  21. 26EF60C870017EBC85901FB2FBCE740B82032EB1
  22. LOIC1.exe
  23. sospechoso.txt
  24. LOIC.EXE
  25. ('LOIC', '.exe')


What is PUA: http://www.clamav.net/index.php?s=pua&lang=en

Tuesday, November 13, 2012

A message from Anonymous: Security



Hello, Citizens of Anonymous. Do not let the enemy identify you online and take away your Anonymity. Anonymity is a freedom. A freedom which we uphold. A freedom for which we fight. A freedom we must express.
Here you will find tools and software to keep that freedom. We have listed the download sites here. We encourage you to use these tools whenever you are online.
Do not let the enemies of the internet take away this freedom. Use these tools and remain anonymous online.

Remember,
We are anonymous
We are Legion
We do not forgive
We do not forget
Expect us.

Links:


ANONYMOUS: Message to pedophiles

DOS V3.2 http://www.mediafire.com/?pxv4pbxjg3a2vqa
Loic http://www.mediafire.com/?4exm4kghdcz316u
Hoic V2.1 http://www.mediafire.com/?ddp9d5znwmgsasr
Turbinas V1.0 http://www.mediafire.com/?wo4sh527nf7wais
Slowloris http://www.mediafire.com/?6wbee516qfx6zok
SYN Flood DOS http://www.mediafire.com/?ja4x2odlxn7xcq3
TUNNEL: http://www.securitykiss.com/resources/download/windows/
HOTSPOT SHIELD: http://hotspot-shield.softonic.com/
ULTRA VPN: http://ultravpn.softonic.com/
CYBERGHOST: http://cyberghost-classic-vpn.softonic.com/
Tunnelbear 1.0: http://tunnelbear.softonic.com/

http://pastebin.com/bhMsSt3R