
Scan of the stub before modification:
File Info
Report generated: 20.7.2009 at 3.31.25 (GMT 1)
Filename: ocx32-original.dll
File size: 20 KB
MD5 Hash: 265B0E350412ED6795999A870C83278C
SHA1 Hash: 47E618B4F4E7FA33E68674A3842B687F2F383759
Packer detected: Nothing found *
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 18 on 24
Detections
a-squared - Backdoor.Win32.Poison!IK
Avira AntiVir - TR/VB.fzz
Avast - Win32:Trojan-gen {Other}
AVG - Generic12.AZ
BitDefender - Trojan.Dropper.VB.AVQ
ClamAV - Trojan.VB-5130
Comodo - TrojWare.Win32.VB.idd
Dr.Web - Trojan.Inject.549
Ewido - Nothing Found!
F-PROT 6 - Nothing Found!
G DATA - Trojan.Win32.VB.idd A
IkarusT3 - Backdoor.Win32.Poison
Kaspersky - Trojan.Win32.VB.idd
McAfee - Generic.dx trojan
MHR (Malware Hash Registry) - Virus Found - detect rate 72%
NOD32 v3 - Win32/Agent.NDL worm
Norman - Trojan W32/VBTroj.YLW
Panda - Nothing Found!
Quick Heal - Nothing Found!
Solo Antivirus - Nothing Found!
Sophos - Mal/Generic-A
TrendMicro - Nothing Found!
VBA32 - Trojan.Win32.VB.fzz
Virus Buster - Trojan.VB.ENTC
Scan report generated by
NoVirusThanks.org
Scan of the modified stub:
File Info
Report generated: 21.7.2009 at 1.11.45 (GMT 1)
Filename: ocx32.dll
File size: 20 KB
MD5 Hash: da1e73038c787747f2472397f27b471a
SHA1 Hash: 2CB53F53C175BA3E041D3330366C8C3B9AE9C8A4
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 1 on 22
Detections
a-squared - Nothing Found!
Avira AntiVir - TR/Dropper.Gen
Avast - Nothing Found!
AVG - Nothing Found!
BitDefender - Nothing Found!
ClamAV - Nothing Found!
Comodo - Nothing Found!
Dr.Web - Nothing Found!
Ewido - Nothing Found!
F-PROT6 - Nothing Found!
Ikarus T3 - Nothing Found!
Kaspersky - Nothing Found!
McAfee - Nothing Found!
NOD32 v3 - Nothing Found!
Norman - Nothing Found!
Panda - Nothing Found!
QuickHeal - Nothing Found!
Solo Antivirus - Nothing Found!
Sophos - Nothing Found!
TrendMicro - Nothing Found!
VBA32 - Nothing Found!
VirusBuster - Nothing Found!
Scan of the Poison Ivy server:
File Info
Report generated: 21.7.2009 at 1.51.53 (GMT 1)
Filename: Encriptado.exe
File size: 22 KB
MD5 Hash: 708a9ef94920e4814ee5a1360737c734
SHA1 Hash: 002DC0458E23A1B2B6B5385BD0C00DBBB436F9FC
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 2 on 22
Detections
a-squared - Nothing Found!
Avira AntiVir - TR/Spy.KeyLogge.srt
Avast - Win32:PePatch-NT [Trj]
AVG - Nothing Found!
BitDefender - Nothing Found!
ClamAV - Nothing Found!
Comodo - Nothing Found!
Dr.Web - Nothing Found!
Ewido - Nothing Found!
F-PROT6 - Nothing Found!
Ikarus T3 - Nothing Found!
Kaspersky - Nothing Found!
McAfee - Nothing Found!
NOD32 v3 - Nothing Found!
Norman - Nothing Found!
Panda - Nothing Found!
QuickHeal - Nothing Found!
Solo Antivirus - Nothing Found!
Sophos - Nothing Found!
TrendMicro - Nothing Found!
VBA32 - Nothing Found!
VirusBuster - Nothing Found!
P.S.: to remove the a-squared signature after encrypting, go to offset 21130
and change whatever value is there to "90"
Regards