multi antivirur 2011.exe
http://www.virustotal.com/file-scan/rep ... 1305973611
http://www.virustotal.com/file-scan/rep ... 1305973611
Attachments
(386.19 KiB) Downloaded 112 times
A forum for reverse engineering, OS internals and malware analysis
This application was obfuscated using a trial version of CodeFort.And then (when it spawns second (deobfuscated) copy):
It is strictly forbidden to publish this obfuscated application in any form.
See more at www.codefort.org
This assembly is protected by an unregistered version of Eziriz's ".NET Reactor"And then it's XtremeRAT written on Delphi and packed by UPX.
C:\Users\Rafael\Desktop\Xtreme RAT Unicode\Servidor\Indy10\System\IdStreamVCL.pas
C:\Users\Rafael\Desktop\Xtreme RAT Unicode\Servidor\Indy10\System\IdGlobal.pas
C:\Users\Rafael\Desktop\Xtreme RAT Unicode\Servidor\Indy10\System\IdStack.pas
C:\Users\Rafael\Desktop\Xtreme RAT Unicode\Servidor\Indy10\Core\IdIOHandler.pas
markusg wrote:s.exeThis time protected by simple VB crypter.
http://www.virustotal.com/file-scan/rep ... 1305974483