chequinho Posted February 6, 2013

Hi bros, after experimenting a bit with Panda, I found out how to remove its detection in the header; I have tested and applied it on approx. 8 stubs compiled to P-CODE.

To be clear: I don't know whether this tip already exists; I didn't see it anywhere, so I decided to post it.

The "tip" consists of filling offset 316 (3C) with 00; it is the equivalent of running avfucker with 00 on the header, which will leave only one offset undetected and functional (316).

Before: [hidden content]

After: [hidden content]

Scan before:

File Info:
File Name: stub_antes.exe
SHA1: 70fe5a7f89716d25cf869fd73bf10b3ee8dc4795
MD5: ecc691965140c0a1bf048323b8cbcb8f
Date and Time: 6-02-13,02:42:48
Report Generated by: [hidden content]
File Size: 131072 Bytes
Detection: 4 of 35

Detections:
AVG Free: Clean
ArcaVir: Clean
Avast 5: Clean
AntiVir (Avira): TR/Dropper.Gen
BitDefender: Clean
VirusBuster Internet Security: Clean
Clam Antivirus: Clean
COMODO Internet Security: Clean
Dr.Web: Clean
eTrust-Vet: Clean
F-PROT Antivirus: Clean
F-Secure Internet Security: Clean
G Data: Clean
IKARUS Security: Clean
Kaspersky Antivirus: HEUR:Trojan.Win32.Generic
McAfee: Clean
MS Security Essentials: Clean
ESET NOD32: Trojan.Win32/Injector.ZIL
Norman: Clean
Norton Antivirus: Clean
Panda Security: Suspicious
A-Squared: Clean
Quick Heal Antivirus: Clean
Solo Antivirus: Clean
Sophos: Clean
Trend Micro Internet Security: Clean
VBA32 Antivirus: Clean
Vexira Antivirus: Clean
Zoner AntiVirus: Clean
Ad-Aware: Clean
BullGuard: Clean
Immunet Antivirus: Clean
K7 Ultimate: Clean
NANO Antivirus: Clean
VIPRE: Clean

Scan after:

File Info:
File Name: stub_despues.exe
SHA1: 3ad156e8f8a868f898ec85438fce00b8fe75836e
MD5: 2b7db2918b2dac070e66ce79ce1d66ca
Date and Time: 6-02-13,02:44:05
Report Generated by: [hidden content]
File Size: 131072 Bytes
Detection: 3 of 35

Detections:
AVG Free: Clean
ArcaVir: Clean
Avast 5: Clean
AntiVir (Avira): TR/Crypt.XPACK.Gen
BitDefender: Clean
VirusBuster Internet Security: Clean
Clam Antivirus: Clean
COMODO Internet Security: Clean
Dr.Web: Clean
eTrust-Vet: Clean
F-PROT Antivirus: Clean
F-Secure Internet Security: Clean
G Data: Clean
IKARUS Security: Clean
Kaspersky Antivirus: HEUR:Trojan.Win32.Generic
McAfee: Clean
MS Security Essentials: Clean
ESET NOD32: Trojan.Win32/Injector.ZIL
Norman: Clean
Norton Antivirus: Clean
Panda Security: Clean
A-Squared: Clean
Quick Heal Antivirus: Clean
Solo Antivirus: Clean
Sophos: Clean
Trend Micro Internet Security: Clean
VBA32 Antivirus: Clean
Vexira Antivirus: Clean
Zoner AntiVirus: Clean
Ad-Aware: Clean
BullGuard: Clean
Immunet Antivirus: Clean
K7 Ultimate: Clean
NANO Antivirus: Clean
VIPRE: Clean

I hope it is useful to someone, and I repeat: I didn't see this tip anywhere; if it already existed, I give credit to its creators; if not, well... enjoy. xDDDD

Greetings from the beyond (a.k.a. EOF).