Malware Research

14 June 2024 09:19

Best bet would be to contact the author

Malware Research

14 June 2024 09:19

Hmn, that is different

Malware Research

14 June 2024 09:18

You mean the initialize_pure_virtual_call_handler?

Malware Research

14 June 2024 09:17

IDA might mistakenly identify the first call

Malware Research

14 June 2024 09:13

But does the disassembly also show that to you?

Malware Research

14 June 2024 09:12

Yeah decompiled code

Malware Research

14 June 2024 09:11

Yeah this is my disassembly

Malware Research

14 June 2024 09:11

Did you check the assembly to verify what the decompiler says?

Malware Research

14 June 2024 09:06

I did download the same sample, referred in this blog, would appreciate if anyone could help me out with it, thanks a bunch

Malware Research

14 June 2024 09:05

I didnt find any function installed to jump to malicious code looks like ordinary CRT code

Malware Research

14 June 2024 07:32

New FedBan
Fed: Libra's Empire
FedAdmin: ❤🦦
User: Omar Khaled
User ID: 627790635
Reason: asking for cracked software

Malware Research

14 June 2024 00:58

Hello, I need help in an application for windows.
It's called "SHERAeasy model"
I have the files but can't find it cracked.

Malware Research

13 June 2024 23:40

Proper comedy, thank you for that

Malware Research

13 June 2024 19:43

Any one know how to know Avatar singles?

Malware Research

13 June 2024 03:40

New FedBan
Fed: Libra's Empire
FedAdmin: ❤🦦
User: Linda
User ID: 7007124069
Reason: for ignoring warning

Malware Research

14 June 2024 09:19

Well unlike blog it looks different

Malware Research

14 June 2024 09:19

Because your function looks identical to the blog screenshot, the name of the first function just differs

Malware Research

14 June 2024 09:17

How does it look like in the decompiler?

Malware Research

14 June 2024 09:16

are you using the public FLIRT signature server?

Malware Research

14 June 2024 09:12

But there's no signs of the function being called

Malware Research

14 June 2024 09:11

No this is your decompiler

Malware Research

14 June 2024 09:11

Seems like the screenshot above is of the same, but without the call at the start

Malware Research

14 June 2024 09:10

and your decompilation differs from this one?

Malware Research

14 June 2024 09:05

https://alpine-sec.medium.com/hijackloader-targets-hotels-a-technical-analysis-c2795fc4f3a3

Malware Research

14 June 2024 09:03

Guys, need a small help, did anyone reversed HijackLoader, if so am trying to reverse it, some of the writeups say that the code is hooking CRT library's code, specifically the CRT initialization library but I didnt really find any call or indirect jmp to any function

Malware Research

14 June 2024 07:28

Hello people,

Check this and tell me what do you think about it :

https://x.com/S0fianeHamlaoui/status/1801486680404251023

Thank you in advance.

Malware Research

13 June 2024 23:41

Originally responded to:

Malware Research

13 June 2024 20:59

Hello everyone me I can hack any vulnerability exists. i hack to express, not to impress. welcome to the world of code and chords 😊

Malware Research

13 June 2024 08:45

Stay on-topic, and use search engines

Malware Research

12 June 2024 20:42

learn to use a search engine, it will be very helpful