
Locked TIP: removes some AVs and Panda's "Suspicious", by GoldenArrow




 

Explanation:

 

We have the first % marked... you count 26 offsets back, and between offsets 26 and 28 you keep trying combinations.

 

In the figure you have:

 

K @ . _ . R: that zone is where I get the best results, it is where I remove Panda's "suspicious"... and it gets changed to, e.g., R @ = / - F, that is, trying various combinations of symbols and letters.

 

I also got good results with some signatures by altering some of the offsets across the whole zone marked in black.

 

Scan before:

 

File Info

 

Report date: 2012-05-23.

File name: encrypt.eXe

File size: 81983 bytes

MD5 Hash: a810bc10ba839b0d8aeab4f2c786bc7f

SHA1 Hash: 8c36c7ae368f2c717436e25c788b551db44ef3e3

Detection rate: 15 out of 37

Status: INFECTED

 

Detections

 

AVG - Trojan horse Dropper.Generic6.OCH.

Acavir - Clean.

Avast 5 -Clean.

Avast -Clean.

Avira -TR/Agent.36864.320.

BitDefender -Gen:Trojan.Heur.ZGY.5.

VirusBuster Internet Security -Clean.

Clam Antivirus -Clean.

COMODO Internet Security -Clean.

DrWeb -Trojan.VbCrypt.66.

eTrust-Vet -Win32/VBNA.A!generic.

F-PROT Antivirus -Clean.

F-Secure Internet Security -Gen:Trojan.Heur.ZGY.5.

G Data -Gen:Trojan.Heur.ZGY.5.

IKARUS Security-Virus.Win32.VBInject.

Kaspersky Antivirus -Clean.

McAfee -Clean.

MS Security Essentials -VirTool:Win32/VBInject.gen!ID.

ESET NOD32 -Trojan.Win32/Injector.MAF.

Norman -W32/VBInject.YR.

Norton -Clean.

Panda Security -Suspicious.

A-Squared Security -Clean.

Quick Heal Antivirus -Clean.

Rising Antivirus -Clean.

Solo Antivirus -Clean.

Sophos -Mal/EncPk-DV.

Trend Micro Internet Security -virus found deleted.

VBA32 Antivirus -Clean.

Vexira Antivirus -Clean.

Webroot Internet Security -Clean.

Zoner AntiVirus -Clean.

Ad-Aware -Clean.

AhnLab V3 Internet Security -Clean.

Bullguard -virus: Gen:Trojan.Heur.ZGY.5.

Imunitet -Clean.

Vipre -Clean.

 

 

Stub after:

 

File Info

 

Report date: 2012-05-23.

File name: encrypt3.exe

File size: 81983 bytes

MD5 Hash: 4fa40e5b2440e1f6a3ac849c214be297

SHA1 Hash: 46185d7801e13f52721753ca460d9cf86b740c10

Detection rate: 12 out of 37

Status: INFECTED

 

Detections

 

AVG - Clean.

Acavir - Clean.

Avast 5 -Clean.

Avast -Clean.

Avira -TR/Agent.36864.320.

BitDefender -Gen:Trojan.Heur.ZGY.5.

VirusBuster Internet Security -Clean.

Clam Antivirus -Clean.

COMODO Internet Security -Clean.

DrWeb -Trojan.VbCrypt.66.

eTrust-Vet -Win32/VBNA.A!generic.

F-PROT Antivirus -Clean.

F-Secure Internet Security -Gen:Trojan.Heur.ZGY.5.

G Data -Gen:Trojan.Heur.ZGY.5.

IKARUS Security-Virus.Win32.VBInject.

Kaspersky Antivirus -Clean.

McAfee -Clean.

MS Security Essentials -VirTool:Win32/VBInject.gen!ID.

ESET NOD32 -Trojan.Win32/Injector.MAF.

Norman -W32/VBInject.YR.

Norton -Clean.

Panda Security -Clean.

A-Squared Security -Clean.

Quick Heal Antivirus -Clean.

Rising Antivirus -Clean.

Solo Antivirus -Clean.

Sophos -Mal/EncPk-DV.

Trend Micro Internet Security -Clean.

VBA32 Antivirus -Clean.

Vexira Antivirus -Clean.

Webroot Internet Security -Clean.

Zoner AntiVirus -Clean.

Ad-Aware -Clean.

AhnLab V3 Internet Security -Clean.

Bullguard -virus: Gen:Trojan.Heur.ZGY.5.

Imunitet -Clean.

Vipre -Clean.

 

:paranoico:


Thanks sony, you know I tried it and it got rid of several AVs for me, very good tip

 

Regards

 

Hello...

 

Yes, it works; I revealed the TIP because I have had good results on several stubs...

 

Another scan, trying the same offsets with other combinations (from my tests there is no specific combination, as I mentioned... it is a matter of trial and error)... this one removed Avira for me:

 

Stub before:

 

File Info

 

Report date: 2012-05-22.

File name: golldi.eXe

File size: 81983 bytes

MD5 Hash: bc99aa0d8eb28faac93ebb75486aa82f

SHA1 Hash: cbcf7cc5cd18c3df357925f2e3aca28c670130e5

Detection rate: 11 out of 37

Status: INFECTED

 

Detections

 

AVG - Clean.

Acavir - Clean.

Avast 5 -Clean.

Avast -Clean.

Avira -TR/Agent.36864.320.

BitDefender -Clean.

VirusBuster Internet Security -Clean.

Clam Antivirus -Clean.

COMODO Internet Security -Clean.

DrWeb -Trojan.VbCrypt.66.

eTrust-Vet -Win32/VBNA.A!generic.

F-PROT Antivirus -Clean.

F-Secure Internet Security -Gen:Trojan.Heur.ZGY.5.

G Data -Gen:Trojan.Heur.ZGY.5.

IKARUS Security-Virus.Win32.VBInject.

Kaspersky Antivirus -Clean.

McAfee -Clean.

MS Security Essentials -VirTool:Win32/VBInject.gen!ID.

ESET NOD32 -Trojan.Win32/Injector.MAF.

Norman -W32/VBInject.YR.

Norton -Clean.

Panda Security -Clean.

A-Squared Security -Clean.

Quick Heal Antivirus -Clean.

Rising Antivirus -Clean.

Solo Antivirus -Clean.

Sophos -Mal/EncPk-DV.

Trend Micro Internet Security -Clean.

VBA32 Antivirus -Clean.

Vexira Antivirus -Clean.

Webroot Internet Security -Clean.

Zoner AntiVirus -Clean.

Ad-Aware -Clean.

AhnLab V3 Internet Security -Clean.

Bullguard -virus: Gen:Trojan.Heur.ZGY.5.

Imunitet -Clean.

Vipre -Clean.

 

***


 

Stub with modified offsets:

 

File Info

 

Report date: 2012-05-22.

File name: golldiii.exe

File size: 81983 bytes

MD5 Hash: 779f5f6d5de3ae26cc274431e4ce429a

SHA1 Hash: 0f0f92bb30e8cc143fc07fea67dece53d99d7926

Detection rate: 13 out of 37

Status: INFECTED

 

Detections

 

AVG - Clean.

Acavir - Clean.

Avast 5 -Clean.

Avast -Clean.

Avira -Clean.

BitDefender -Clean.

VirusBuster Internet Security -Clean.

Clam Antivirus -Clean.

COMODO Internet Security -Clean.

DrWeb -Trojan.VbCrypt.66.

eTrust-Vet -Win32/VBNA.A!generic.

F-PROT Antivirus -Clean.

F-Secure Internet Security -Gen:Trojan.Heur.ZGY.5.

G Data -Gen:Trojan.Heur.ZGY.5.

IKARUS Security-Virus.Win32.VBInject.

Kaspersky Antivirus -HEUR:Trojan.Win32.Generic.

McAfee -Clean.

MS Security Essentials -VirTool:Win32/CeeInject.gen!A.

ESET NOD32 -Trojan.Win32/Injector.MAF.

Norman -W32/VBInject.YR.

Norton -Clean.

Panda Security -Clean.

A-Squared Security -Clean.

Quick Heal Antivirus -Clean.

Rising Antivirus -Clean.

Solo Antivirus -Clean.

Sophos -Mal/EncPk-DV.

Trend Micro Internet Security -Mal_Repyh.

VBA32 Antivirus -Clean.

Vexira Antivirus -Clean.

Webroot Internet Security -Clean.

Zoner AntiVirus -Clean.

Ad-Aware -Clean.

AhnLab V3 Internet Security -Clean.

Bullguard -virus: Gen:Trojan.Heur.ZGY.5.

Imunitet -Gen:Trojan.Heur.ZGY.5.

Vipre -Clean.

 

***


 

 

Thanks (sony) for posting it here on the forum...

 

Regards...

Edited by GoldenArrow