|
برنامج كشف اعدادت ProRat و مسحه برنامج كشف اعدادت ProRat من تعديلي مكتوب بلغة الدلفي وهذه صورة منه http://www4.0zz0.com/2011/01/29/16/508216185.png امكانيات البرنامج ـ كشف اعدادات السرفر ـ كشف داونلودر البرورات ـ استخراج الملفات المدمجة مع السرفر ـ فصح جهازك من سرفر البرورات ـ مسح السرفر اذا كان جهازك مصاب[hide]للتحميل http://www.multiupload.com/XOU8W73I39 الباس mtkb[/hide] |
[align=center]شكراااا على الجهود واصل ابداعك[/align] |
|
مشكوووووووووووووور |
اقتباس:
+ انا عندي ضحايا و اذا اردت اعطيك ههههه ليس ملغم ننتظر من له خبرة في الفحص ههههه |
آسف ___ __ _ + /- / | ____ __ __/ /_ (_)____ -\ + /s h- / /| | / __ \/ / / / __ \/ / ___/ -h s\ oh-:d/ / ___ |/ / / / /_/ / /_/ / (__ ) /d:-ho shh+hy- /_/ |_/_/ /_/\__,_/_.___/_/____/ -yh+hhs -:+hhdhyys/- -\syyhdhh+:- -//////dhhhhhddhhyss- Analysis Report -ssyhhddhhhhhd\\\\\\- /++/////oydddddhhyys/ ooooooooooooooooooooo \syyhhdddddyo\\\\\++\ -+++///////odh/- -+hdo\\\\\\\+++- +++++++++//yy+/: :\+yy\\+++++++++ /+soss+sys//yyo/os++o+: :+o++so\oyy\\sys+ssos+\ +oyyyys++o/+yss/+/oyyyy: :yyyyo\+\ssy+\o++syyyyo+ +oyyyyyyso+os/o/+yyyyyy/ \yyyyyy+\o\so+osyyyyyyo+ [################################################## ###########################] Analysis Report for Pro_Server_Identifier.exe MD5: 68bced7d172eda01eeb8c783ca1cf913 [################################################## ###########################] Summary: - Packed Binary: This executable is protected with a packer in order to prevent it from being reverse engineered. [================================================== ===========================] Table of Contents [================================================== ===========================] - General information - Pro_Server.exe a) Registry Activities b) File Activities [################################################## ###########################] 1. General Information [################################################## ###########################] [================================================== ===========================] Information about Anubis' invocation [================================================== ===========================] Time needed: 241 s Report created: 01/29/11, 17:25:28 UTC Termination reason: Timeout Program version: 1.74.3362 [################################################## ###########################] 2. Pro_Server.exe [################################################## ###########################] [================================================== ===========================] General information about this executable [================================================== ===========================] Analysis Reason: Primary Analysis Subject Filename: Pro_Server.exe MD5: 68bced7d172eda01eeb8c783ca1cf913 SHA-1: 5884b247591a258dfddecc682ab107c99384b0ee File Size: 806400 Bytes Command Line: "C:\Pro_Server.exe" Process-status at analysis end: alive Exit Code: 0 [================================================== ===========================] Load-time Dlls [================================================== ===========================] Module Name: [ C:\WINDOWS\system32\ntdll.dll ], Base Address: [0x7C900000 ], Size: [0x000AF000 ] Module Name: [ C:\WINDOWS\system32\kernel32.dll ], Base Address: [0x7C800000 ], Size: [0x000F6000 ] Module Name: [ C:\WINDOWS\system32\advapi32.dll ], Base Address: [0x77DD0000 ], Size: [0x0009B000 ] Module Name: [ C:\WINDOWS\system32\RPCRT4.dll ], Base Address: [0x77E70000 ], Size: [0x00092000 ] Module Name: [ C:\WINDOWS\system32\Secur32.dll ], Base Address: [0x77FE0000 ], Size: [0x00011000 ] Module Name: [ C:\WINDOWS\system32\comctl32.dll ], Base Address: [0x5D090000 ], Size: [0x0009A000 ] Module Name: [ C:\WINDOWS\system32\GDI32.dll ], Base Address: [0x77F10000 ], Size: [0x00049000 ] Module Name: [ C:\WINDOWS\system32\USER32.dll ], Base Address: [0x7E410000 ], Size: [0x00091000 ] Module Name: [ C:\WINDOWS\system32\comdlg32.dll ], Base Address: [0x763B0000 ], Size: [0x00049000 ] Module Name: [ C:\WINDOWS\system32\SHELL32.dll ], Base Address: [0x7C9C0000 ], Size: [0x00817000 ] Module Name: [ C:\WINDOWS\system32\msvcrt.dll ], Base Address: [0x77C10000 ], Size: [0x00058000 ] Module Name: [ C:\WINDOWS\system32\SHLWAPI.dll ], Base Address: [0x77F60000 ], Size: [0x00076000 ] Module Name: [ C:\WINDOWS\system32\oleaut32.dll ], Base Address: [0x77120000 ], Size: [0x0008B000 ] Module Name: [ C:\WINDOWS\system32\ole32.dll ], Base Address: [0x774E0000 ], Size: [0x0013D000 ] Module Name: [ C:\WINDOWS\system32\version.dll ], Base Address: [0x77C00000 ], Size: [0x00008000 ] Module Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ], Base Address: [0x773D0000 ], Size: [0x00103000 ] [================================================== ===========================] Run-time Dlls [================================================== ===========================] Module Name: [ C:\WINDOWS\system32\uxtheme.dll ], Base Address: [0x5AD70000 ], Size: [0x00038000 ] Module Name: [ C:\WINDOWS\system32\MSCTF.dll ], Base Address: [0x74720000 ], Size: [0x0004C000 ] [================================================== ===========================] SigBuster Output [================================================== ===========================] UPX All_Versions SN:1634 [================================================== ===========================] 2.a) Pro_Server.exe - Registry Activities [================================================== ===========================] [=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=] Registry Values Read: [=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=] Key: [ HKLM\SOFTWARE\Microsoft\CTF\SystemShared\ ], Value Name: [ CUAS ], Value: [ 0 ], 1 time Key: [ HKLM\SYSTEM\CurrentControlSet\Control\Session Manager ], Value Name: [ CriticalSectionTimeout ], Value: [ 2592000 ], 1 time Key: [ HKLM\SYSTEM\Setup ], Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time Key: [ HKLM\Software\Policies\Microsoft\Windows\Safer\Cod eIdentifiers ], Value Name: [ TransparentEnabled ], Value: [ 1 ], 1 time Key: [ HKLM\System\CurrentControlSet\Control\Terminal Server ], Value Name: [ TSUserEnabled ], Value: [ 0 ], 1 time Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ], Value Name: [ Language Hotkey ], Value: [ 1 ], 2 times Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ], Value Name: [ Layout Hotkey ], Value: [ 2 ], 2 times [================================================== ===========================] 2.b) Pro_Server.exe - File Activities [================================================== ===========================] [=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=] Device Control Communication: [=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=] File: [ \Device\KsecDD ], Control Code: [ 0x00390008 ], 1 time [=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=] Memory Mapped Files: [=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=] File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ] File Name: [ C:\WINDOWS\WindowsShell.Manifest ] File Name: [ C:\WINDOWS\system32\MSCTF.dll ] File Name: [ C:\WINDOWS\system32\SHELL32.dll ] File Name: [ C:\WINDOWS\system32\comctl32.dll ] File Name: [ C:\WINDOWS\system32\imm32.dll ] File Name: [ C:\WINDOWS\system32\uxtheme.dll ] [################################################## ###########################] International Secure Systems Lab http://www.iseclab.org Vienna University of Technology Eurecom France UC Santa Barbara http://www.tuwien.ac.at http://www.eurecom.fr http://www.cs.ucsb.edu Contact: anubis@iseclab.org |
Clean |
اقتباس:
|
اقتباس:
يرجى احضار الدليل وان لم يكن لك دليل تحصل على مخالفه تحياتي للجميع |
اقتباس:
http://vscan.novirusthanks.org/analy...maWVyLWV4ZQ==/ is not clean 100% |
| الساعة الآن 09:06 PM |
[ vBspiders.Com Network ]