This post is by a banned member (RedZX) - Unhide
After looking at the crypted file given by @Ecto1324
The crypt is not at fault, even though its detected a lot, its still not the issue. Issue lies from @Ecto1324's side, he binded the file(bad work by the way, he binded the same file 2 times or was it installation 2 times(by crypter+original exe)). Now here is how a binder works: gets 2 files, binds them together under the binder's stub Thats what was crypted, the binder's stub, not the files themselves as they will be dropped and executed as they were originally with XX detections. Here is a picture after the file was executed on "its installation folder" .vbs .bat are used to get privilege and exclude the app from WD Services.exe seems to be the main app in the end being added to the registry for startup(but robux generator.exe is same as Services.exe) h1.exe contains robux generator.exe My point is these are highly detected: Services.exe/robux generator.exe(scanned 7 days ago not by me ): https://www.virustotal.com/gui/file/e36a.../detection stub's detection: https://kleenscan.com/scan_result/c80847...bfd04fd862 even though its the OP's fault for binding files the stub's detection is way too much, reaching 14/40, 1-5/40 on kleenscan should be considered good. but not 6+ Refund or not its up to mods Both people are at fault, one should take the blame, I would favour into the crypter's side but 14/40 too many detections. Sorry for the interference.
This post is by a banned member (RedZX) - Unhide
25 January, 2021 - 05:34 PM
(25 January, 2021 - 05:26 PM)Chromeon Wrote: Show More deliver what? he delivered the crypted file??? lol just too many detections |
Create an account or sign in to comment | ||
You need to be a member in order to leave a comment | ||
Create an account
Sign up for a new account in our community. It's easy!
|
or |
Sign in
Already have an account? Sign in here.
|
Users browsing this thread: 1 Guest(s)