View previous topic :: View next topic |
Author |
Message |
pkedpker Master Cheater Reputation: 1
Joined: 11 Oct 2006 Posts: 412
|
Posted: Sat Aug 23, 2008 9:25 pm Post subject: can someone unpack this? |
|
|
This is suppose to be a bot for the chinese version of the game im playing..
could someone unpack it.. its suppose to be a time-card bot meaning u need to pay $$ for hours of use on this.. but the owner of it quit.. and it doesn't seem to work on my computer at all.. I tried unpacking it PeID detects no packer on it.. so idk how to unpack it cant find the right tools..
WARNING: MIGHT NOT BE SAFE TO RUN
but I doubt keyloggers would be packed with a unknown packer.. this bot maker must of knew what he was doing..
http://rapidshare.com/files/139416227/unpackme.zip
and can someone tell me.. possibly if its safe to run??? I ran it.. and it gave me a win32 error box saying not able to read memory of some file.. and nothing happened.. i ran it again.. same thing nothing happened..
well just unpacking it would be good enough for me....
thx
_________________
Last edited by pkedpker on Sun Aug 24, 2008 2:21 am; edited 1 time in total |
|
Back to top |
|
|
pkedpker Master Cheater Reputation: 1
Joined: 11 Oct 2006 Posts: 412
|
Posted: Sun Aug 24, 2008 1:44 am Post subject: |
|
|
I just want to be sure if its a virus or not.. this forum I know helps out ppl who got keylogged or so.. this might be a keylogger or something.. but it aint detected by my virus scan.. it has a fancy icon.. and plus i ran it by accident.. it gave me a legitimate error but I still don't know if im infected.
I don't ask anyone to tell me what it does.. I know Wiccaan would help me out.. if its really a bad program he might tell me.
I dont know.. where to post this.. I tried SeekNDestory forum they banned me.
I just want to be sure its not a virus.. plus isn't it odd that PeID can't detect what it has been packed with.. plus this file is 3 years old.. so im really confused.. well it might be considered a crackme. cuz it has a unknown packer I dont know..
Okay I don't care if you give me or not give me unpacked file I just want to know if this is a virus or not..
_________________
|
|
Back to top |
|
|
Zand Master Cheater Reputation: 0
Joined: 21 Jul 2006 Posts: 424
|
Posted: Sun Aug 24, 2008 6:52 am Post subject: |
|
|
Perhaps it's a packer he made himself??
Bruce that won't really help as online virus scanners either detect the packer and flag it as a virus, or unpack it(unlikely if it doesn't even know what packer it is). Thanks DB
|
|
Back to top |
|
|
zeroc0de Cheater Reputation: 0
Joined: 31 Aug 2008 Posts: 32
|
Posted: Wed Sep 03, 2008 8:31 pm Post subject: |
|
|
Tried to unpack it with many different unpacking tools, all failed.
I couldn't get a proper right signature so I gave up. No idea what this was packed with, it doesn't even seems to work properly.
|
|
Back to top |
|
|
nog_lorp Grandmaster Cheater Reputation: 0
Joined: 26 Feb 2006 Posts: 743
|
Posted: Wed Sep 03, 2008 9:07 pm Post subject: |
|
|
CwSandbox, see if it looks like a virus when it runs.
_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish |
|
Back to top |
|
|
zeroc0de Cheater Reputation: 0
Joined: 31 Aug 2008 Posts: 32
|
Posted: Wed Sep 03, 2008 9:18 pm Post subject: |
|
|
nog_lorp wrote: | CwSandbox, see if it looks like a virus when it runs. |
Nothing happens (tried it on a test PC) and all it seems to do is crashing.
Not even worth looking at, it just went into the garbage.
|
|
Back to top |
|
|
nog_lorp Grandmaster Cheater Reputation: 0
Joined: 26 Feb 2006 Posts: 743
|
Posted: Wed Sep 03, 2008 9:21 pm Post subject: |
|
|
Lots of malware fakes a crash when it is just a dropper. A long time ago when I dabbled in rootkits, most had an option to design the error message it would give. This way you don't need the dropper to be attached to a real program.
CwSandbox'll tell you everything it does, it is an awesome website (free too), you should check it out if not for this for anything else suspicious you find.
_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish |
|
Back to top |
|
|
pkedpker Master Cheater Reputation: 1
Joined: 11 Oct 2006 Posts: 412
|
Posted: Wed Sep 03, 2008 9:34 pm Post subject: |
|
|
zeroc0de wrote: | nog_lorp wrote: | CwSandbox, see if it looks like a virus when it runs. |
Nothing happens (tried it on a test PC) and all it seems to do is crashing.
Not even worth looking at, it just went into the garbage. |
it crashes because it tries to run some kind of authorization (it is one of those pay to use bots made by chinese people).
Anyways its not garbage program lol.. its just packed really strange.. but its not a invalid program.. but I still dont know if its safe or not.. I haven't been keylogged or anything.. I ran it a few weeks ago..
Plus as u can see the programs date is over 3 years old... so it might be broken however it connects threw UDP or TCP for authorization.. but its a nice program well I would like to make it runnable..
_________________
|
|
Back to top |
|
|
zeroc0de Cheater Reputation: 0
Joined: 31 Aug 2008 Posts: 32
|
Posted: Thu Sep 04, 2008 10:06 am Post subject: |
|
|
pkedpker wrote: | zeroc0de wrote: | nog_lorp wrote: | CwSandbox, see if it looks like a virus when it runs. |
Nothing happens (tried it on a test PC) and all it seems to do is crashing.
Not even worth looking at, it just went into the garbage. |
it crashes because it tries to run some kind of authorization (it is one of those pay to use bots made by chinese people).
Anyways its not garbage program lol.. its just packed really strange.. but its not a invalid program.. but I still dont know if its safe or not.. I haven't been keylogged or anything.. I ran it a few weeks ago..
Plus as u can see the programs date is over 3 years old... so it might be broken however it connects threw UDP or TCP for authorization.. but its a nice program well I would like to make it runnable.. |
Just forget it.
|
|
Back to top |
|
|
SunBeam I post too much Reputation: 65
Joined: 25 Feb 2005 Posts: 4022 Location: Romania
|
Posted: Thu Sep 04, 2008 11:04 am Post subject: |
|
|
RPolyCryptor v1.4.2 -> Vaska
On my PC it doesn't do crap. Doesn't even run..
C yaz..
|
|
Back to top |
|
|
|