Cauhauna
July 1st, 2010, 20:41
Hello,
I recently acquired 3 private "hacks" for a video game.
One (or more) of them contains a keylogger which successfully compromised my system, recorded keystrokes, and reported to an outside party. I am typing this from my freshly D-BANned desktop 7 pass with MBR rewrite --- had to be sure. I will post the three files for analysis. I tried to look at them with Olly but I couldn't find anything. One (or more) of them are encrypted.
Keylogger defeated the following:
Virustotal.com initial scan
ProcessGuard
Comodo
Avira
Malwarebytes Anti-Malware
Doesn't appear to show up in HJT or any other process viewer
I don't need to know how to "cure" the infection -- I'm wiping all machines regardless. What I DO need to know is which file package contains the virus, as I need to use whichever file package(s) is clean. I'll be uploading them shortly from the infected machine.
These files are super private hacks for a video game, held in tight groups of "friends" to prevent them from going public, as the hack detection system is tight (updated with public hacks regularly).
The Three Files are:
Package 1) An injector file (.exe) which injects a DLL into a running process (in this case, game.exe). The DLL is where the "hack" is written, and, when injected, produces the desired effects in game. The injector file got a 3/41 on virustotal, but the threats listed didn't sound "scary" -- they sounded like falses.
Package 2) Very similar, but with an Injector hosted @ the Novell website (I'm assuming it's safe). DLL that hooks into process.
Package 3) An .MPQ file that is used by the game. This file goes into the game directory and has been pre-modified to produce some desirable effects.
I'll also allow a trusted member access to the system via TeamViewer if they so desire. Just post or PM me.