As per internally decided, the archive was uploaded to the virus total with the hash of:
SHA256 (ELF-malware-in-C-leaks.rar) 43a383bb8b2fa799a0a06a585c52e91f6ea1c877bba12c21e691e32a99f9adf4The password has a high character count and the archive was built in a way to avoid brute. You can receive the password by requesting it commenting this post with informing your current active email address and the detail of which security entity you are actually working with (or anti-viruses office, or law enforcement, or government related research you worked with, as entities allowed t receive these code) and the comment will not be published to the public, please feel free to test it first.
We will check each request. We do not share these codes to the individual/independent person without a clear information. Please bear with the slowness in response due to the check process and due the fact that we are a non-profit organization, with limited resources and only active in our spare time.
The archive will stay online for two months, after that period we won't share it anymore and will delete our files. Don't request the code after this time has passed. Please see Disclaimer and Sharing Guide for more information-->[here]
What can be achieved by these source code are:
- better mitigation of the leaked ELF botnet specific type/variants - some hard coded clue for the distribution DOS attack logic to research - several exploitation research that can be implemented by each ELF botnet - you may publish research of these code(s), on a condition: mention us, #MalwareMustDie. (we really did hard effort in achieving, collecting & testing these codes, for free)
I think I will see how this first part of the sharing goes, for the next part (part 2 of sharing) will be focusing on the share on source codes for the ELF threats that is coming from "specific" region :-)
Cheers from #MalwareMustDie