| Search (advanced search) | ||||
Use this Search form before posting, asking or make a new thread.
|
|
08-31-2013, 08:06 PM
Post: #11
|
|||
|
|||
RE:
 Thx very much 4 this :big_grin:
|
|||
|
09-13-2013, 06:31 PM
(This post was last modified: 09-13-2013 06:35 PM by ija61.)
Post: #12
|
|||
|
|||
|
RE:
Hy.
I have test it, the software is running but it bring no results. More than we can't enable proxy. My antivirus is detecting a Trojan and I'm unable to delete the folder. |
|||
|
09-14-2013, 12:52 AM
(This post was last modified: 09-14-2013 01:01 AM by Jiffy.)
Post: #13
|
|||
|
|||
|
RE:
When are these script kiddies going to learn how to code a simple crypter? You won't get very far here otherwise. Odds are most members will scan the file with VT and use a sandbox/VM anyway. I do have some advice for you. If you are looking for slaves then go spam an adult chat with a bunch of horny men or something. I promise you will get far better results. Better yet, script a little bot to spam it for you in intervals so you won't get kicked right off. You could set another instance to every so often disconnect and change proxies before reconnecting again. Ah, it seems I have said too much by now :S. But seriously, it will work a lot better that way. Just think outside the box a little, and you better have a good VPS that keeps no logs and properly adjusts for DNS leaks. Otherwise, you may get a random victim that doesn't take too kindly to having his privacy, passwords, numbers and everything else he owns stolen or messed with. In a case with a particularly adamant individual you could potentially be looking forward to bringing Bubba his dessert. If ya get my meaning ;)
Isn't it fascinating how life just rolls the dice like the rest of us? iJa61, if your AV is detecting it then it should take care of it unless it copies itself within the memory. To be safe you should scan your the memory as well if your AV allows it. If not, Malwarebytes PRO does and it comes with a free trial. After that, restart your comp and take note on how it loads. Once it is booted run full/memory scan once more while you thoroughly check processes and services with TM. Most script kiddies will name the load 'svchost.exe' to try and blend in with the legit svhost process. It may be called something else, I am just letting you know. After you are confident your TM is as it should be and your AV comes clean on both scans you should go through your registry very carefully...a couple times maybe, to be sure. Just don't delete something Windows relies on in a panic because it will come bank to haunt ya. Once you are done with the registry, I would personally check APPDATA, ROAMING and the TEMP directory as well (they tend to like those locations). If nothing seems out of place then you should be good. Just remember to SCAN any file you download that is not from a trusted source (AKA Microsoft, Google...etc) and keep a sandbox and VM handy to test new files. Keep in mind that the above is what you SHOULD do, but you could always wing-it and hope the AV did its thing :P. Alternatively, you could reformat your hard-drive. A lot of work isn't it? Trojans are nasty things and you shouldn't play with them if you can help it. It isn't 99/2000 anymore. Just like our IM tools, they are becoming far more efficient and automated thanks to some clever coding. The last RAT I played with had the ability to automatically copy itself to any external drive that connected to the host (including phones and in some cases Cloud devices) and would continue doing so until every copy was detected and taken care of. Pretty easy to see how the new, custom RATs get spread so quickly in today's world. More than likely whatever RAT was binded is probably just Dark Comet or a variation of another lower grade Trojan, so I am not trying to freak you out. Just trying to keep people as aware as possible. Things like that are how thousands of people get taken for identity theft or have their card numbers stolen, which is definitely a big deal. Anyway, I'm over my rant. Sorry about that lol. I just got a bit carried away. |
|||
|
01-25-2014, 06:46 AM
Post: #14
|
|||
|
|||
|
RE:
Probably the hackers are the authors. Most low lives engage in this practice
|
|||
|
01-25-2014, 06:53 PM
Post: #15
|
|||
|
|||
|
RE:
++ Reps would be appreciated
|
|||
|
03-08-2014, 08:39 PM
Post: #16
|
|||
|
|||
RE:
(06-28-2013 10:14 PM)sada Wrote: This is old ommo.net 1.8.3 version. Code: https://www.virustotal.com/en/file/7ffeac3218e61ad0ffe03f5580eac1aa125b7398ebb2b02c0caf8577e4fc7bc5/analysis/Detection Ratio 2/47 now. |
|||
|
03-11-2014, 11:47 PM
Post: #17
|
|||
|
|||
|
RE:
Old version hey, i'm looking for new one
Be Like REPS.. it's just 1 Second task - Click REP Button -
![[Image: tnx.gif]](https://bestblackhatforum.com/images/smilies/tnx.gif) |
|||
