Hello... I made this very simple stub for you all, since I may be without a PC for a few days... When encrypted, one detection or another comes back, but nothing hard to remove... The Kasper signature can be removed with CFF; for Quick Heal, add 4,000 bytes in hex or 4 bytes in PE_labz to your stub.

[*] Client image:

[Image]


Scan of the stub:

Filename: y䕧Zü±ï•S¬D•ZoSä.exe
Filesize: 28,00 kB
Date: 2016-04-18 21:48:26
MD5: def4f24da1f41f5039e8428be25e787a
SHA1: b95ba646002e7ea649819e4826a81da74fbe26af
Status: Infected
Rate: 1/35

Details:
Ad-Aware - File is clean
A-Squared - File is clean
Avast - File is clean
AVG Free - File is clean
AntiVir (Avira) - File is clean
BitDefender - File is clean
BullGuard - File is clean
Clam Antivirus - File is clean
COMODO Internet Security - File is clean
Dr.Web - File is clean
ESET NOD32 - Trojan.Win32/Injector.BNQF
eTrust-Vet - File is clean
FortiClient - File is clean
F-PROT Antivirus - File is clean
F-Secure Internet Security - File is clean
G Data - File is clean
IKARUS Security - File is clean
K7 Ultimate - File is clean
Kaspersky Antivirus - File is clean
McAfee - File is clean
MS Security Essentials - File is clean
NANO Antivirus - File is clean
Norman - File is clean
Norton Antivirus - File is clean
Panda CommandLine - File is clean
Panda Security - File is clean
Quick Heal Antivirus - File is clean
Solo Antivirus - File is clean
Sophos - File is clean
SUPERAntiSpyware - File is clean
Trend Micro Internet Security - File is clean
Twister Antivirus - File is clean
VBA32 Antivirus - File is clean
VIPRE - File is clean
Zoner AntiVirus - File is clean



Scan of the encrypted bolita:

Filename: CryptedBySleepz.exe
Filesize: 52,01 kB
Date: 2016-04-18 21:54:42
MD5: 66bf9e62d6e5ee37d30155b1aa29c211
SHA1: c784ad2ac350587f76c3172949e5ce49165b1213
Status: Infected
Rate: 3/35

Details:
Ad-Aware - File is clean
A-Squared - File is clean
Avast - File is clean
AVG Free - File is clean
AntiVir (Avira) - File is clean
BitDefender - File is clean
BullGuard - File is clean
Clam Antivirus - File is clean
COMODO Internet Security - File is clean
Dr.Web - File is clean
ESET NOD32 - Trojan.Win32/Injector.BNQF
eTrust-Vet - File is clean
FortiClient - File is clean
F-PROT Antivirus - File is clean
F-Secure Internet Security - File is clean
G Data - File is clean
IKARUS Security - File is clean
K7 Ultimate - File is clean
Kaspersky Antivirus - Worm.Win32.VBNA.b
McAfee - File is clean
MS Security Essentials - File is clean
NANO Antivirus - File is clean
Norman - File is clean
Norton Antivirus - File is clean
Panda CommandLine - File is clean
Panda Security - File is clean
Quick Heal Antivirus - Virtool.VBCrypt.BC7
Solo Antivirus - File is clean
Sophos - File is clean
SUPERAntiSpyware - File is clean
Trend Micro Internet Security - File is clean
Twister Antivirus - File is clean
VBA32 Antivirus - File is clean
VIPRE - File is clean
Zoner AntiVirus - File is clean


If not, could it be moved to the correct area, please? Thanks
Skype: mh1tzzz
Thanks
"Focus on strengths, recognize weaknesses and opportunities, and stand guard against threats."

―Sun Tzu
Since he released it for free... be careful where you scan it, or it will get burned quickly
CryptoSharex.com  | Accepting donations.. thanks: 1CiVFiGwCtf1kpASyQB9j8dhNyJs5AfaMX