Posts: 3,924
Threads: 70
Joined: Sep 2005
Reputation:
0
NC called it clean. Can someone with some skills have a look at the code?
Posts: 7
Threads: 1
Joined: Feb 2006
Reputation:
0
02-15-2006, 05:31 AM
(This post was last modified: 02-15-2006, 05:31 AM by droxid.)
someone scan it please to proove it's legit and debug it if you must -_-;
p.s. you don't have to use it if you don't want to?
Additional Comment:
Any feedback is necessary to advance on the program
Posts: 7
Threads: 1
Joined: Feb 2006
Reputation:
0
just part of creditz, used bits of his code injection technology, and made it into full exe injection.
Posts: 69
Threads: 15
Joined: Jan 2006
Reputation:
0
02-15-2006, 08:46 AM
(This post was last modified: 02-15-2006, 08:46 AM by bayarea.)
HMMM If I were anyone else like an adim I would close this thread right now b4 anyone gets a trojan.
Additional Comment:
Plus I bet once you use this (if its legit) its detectable fosho
Posts: 1,014
Threads: 26
Joined: May 2004
Reputation:
0
not to mention... check for key-loggers... any professional programmers here to check this out?
Posts: 7
Threads: 1
Joined: Feb 2006
Reputation:
0
1. It's not detectable
2. It's not a trojan
3. It's not a keylogger
don't belive me? don't use it.
Scan it, hex it, disasmble it, debug it
Posts: 106
Threads: 3
Joined: Sep 2005
Reputation:
0
This is defnitely suspicious, the .exe is packed and the PE header is all messed up, apparently to make it harder to disassemble or figure out what it does. Kind of irrelevant anyway since with all the messed up headers it crashes on startup (at least on my Win2K). I wouldn't recommend you touch this.
Posts: 7
Threads: 1
Joined: Feb 2006
Reputation:
0
Who leaves big exes unpacked nowadays?
Just packed for security reasons, no ripping code etc, but if you were a good programmer, it's very easy to disassemble.
And it doesn't crash... :S
Posts: 3,924
Threads: 70
Joined: Sep 2005
Reputation:
0
Ban this droxoid "pr0"grammer.
Posts: 7
Threads: 1
Joined: Feb 2006
Reputation:
0
False positive...
Do you even know what .rk is?
Please, if you're noob and all you can do is scan the file on a honeypot site, stfu.
Posts: 118
Threads: 2
Joined: Dec 2005
Reputation:
0
you shouldn't use aa anyway. aa is for noobs that have no dueling skills.
Posts: 854
Threads: 39
Joined: Sep 2005
Reputation:
0
Ok i Scanned it using Virustotal & Virusjotti. Results from both:
File: AutoAimv1_droxid_recompile.Fix2.zip Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 294123b0887ec25b41e286f68b6d892a Packers detected: PE_PATCH, UPACK, PE_PATCH.PECOMPACT, PECBUNDLE, PECOMPACT
Scanner results
AntiVir Found nothing
ArcaVir Found Heur.Win32
Avast Found nothing
AVG Antivirus Found BackDoor.Agent.AMQ
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found W32/Agent.RK!bdr
Kaspersky Anti-Virus Found Backdoor.Win32.Agent.rk
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found Backdoor.Win32.Agent.rk
This is a report processed by VirusTotal on 02/17/2006 at 16:46:39 (CET) after scanning the file "AutoAimv1_droxid_recompile.Fix2.zip" file.AntivirusVersionUpdateResultAntiVir6.33.1.5002.17.2006no virus foundAvast4.6.695.002.16.2006no virus foundAVG71802.16.2006BackDoor.Agent.AMQAvira6.33.1.5002.17.2006no virus foundBitDefender7.202.17.2006no virus foundCAT-QuickHeal8.0002.16.2006(Suspicious) - DNAScanClamAVdevel-2006012602.17.2006no virus foundDrWeb 4.3302.17.2006no virus foundeTrust-InoculateIT23.71.7802.17.2006no virus foundeTrust-Vet12.4.208602.17.2006no virus foundEwido3.502.17.2006Backdoor.Agent.rkFortinet2.69.0.002.17.2006W32/Agent.RK!bdrF-Prot3.16c02.17.2006no virus foundIkarus0.2.59.002.17.2006no virus foundKaspersky4.0.2.2402.17.2006Backdoor.Win32.Agent.rkMcAfee469902.17.2006no virus foundNOD32v21.141302.17.2006no virus foundNorman5.70.1002.17.2006no virus foundPanda9.0.0.402.17.2006Suspicious fileSophos4.02.002.17.2006no virus foundSymantec8.002.17.2006no virus foundTheHacker5.9.4.09702.16.2006no virus foundUNA1.8302.16.2006Backdoor.AgentVBA323.10.502.17.2006Backdoor.Win32.Agent.rk
![[Image: untitled5kl4.jpg]](http://img185.imageshack.us/img185/3803/untitled5kl4.jpg)
I like to thank Frogman for making my awesome sig!
Posts: 1,564
Threads: 85
Joined: Nov 2003
Reputation:
0
Kid, until you learn how to program please, dont put trojans in your shit. Thanks
Posts: 1,014
Threads: 26
Joined: May 2004
Reputation:
0
lol did anyone even read the person who scanned it found backdoors? lol..
-.- or is everyone here too lazy to scan it and would much rather spam
![[Image: icon_biggrin.gif]](http://images.edgeofnowhere.cc/images/smiles/icon_biggrin.gif)
![[Image: Snipz.png]](http://www.l33tsig.net/sig/Snipz.png)
