Nytro Posted November 5, 2009 Report Share Posted November 5, 2009 Nu l-am incercat, nu stiu daca este infectat, incercati pe riscul vostru.Apocalypse RAT, which is based on Institiution 2004, was recoded mostly and many Bugs were fixed. The Authors, from which some Functions were used, were named in the Credits Window.Special Thanks Goes ToAphex - Institution 2004 0.2.4 Source Very Very Big ThanksKill3r7 - Very Very Big ThanksShapelessFunguskidSteve10120 - Big ThanksGareth - Big ThanksCarb0nSyntax_err2slySqUeEzErDarkCoderSc - Big ThanksSnify - for Beta Test - Big ThanksRob33nCoyoTeBunnnSpy-Net - Help and Support - Big ThanksCounterstrikewiErazerZSkywebSlayer616 Thanks.AbheMark James For FamFamFam Silk IconsApocalypse Institution 2004 0.2.6 Source BASED RAThttp://www.opensc.ws/rat-source/2373-institution-2004-0-2-6-source.htmlDownload:http://www.speedyshare.com/408599651.html Quote Link to comment Share on other sites More sharing options...
Azrael-sub7 Posted November 5, 2009 Report Share Posted November 5, 2009 linkul asta http://www.opensc.ws/rat-source/2373-institution-2004-0-2-6-source.html e dead ai altul ? Quote Link to comment Share on other sites More sharing options...
Nytro Posted November 6, 2009 Author Report Share Posted November 6, 2009 Ieri mergea linkul, poate e de la serverul opensc, poate isi revine. Oricum, acolo e sursa de la care a fost inceput acest RAT. Quote Link to comment Share on other sites More sharing options...
Azrael-sub7 Posted November 6, 2009 Report Share Posted November 6, 2009 L am testat pe wine merge , construieste si server , packat cu upx , este destul de complex , aici rezultatul scanarii(servar.exe) de pe virus total : Virustotal. MD5: a44aa48b88366d9619935928cb9c6545 Heuristic.BehavesLike.Win32.Dropper.B VirTool:Win32/DelfInject.gen!L Downloader.Delphi!IK , destul de interesant nu il vede nici un Av mai serios , pacat ca nu ai si sursa completa Quote Link to comment Share on other sites More sharing options...
Guest Nemessis Posted November 6, 2009 Report Share Posted November 6, 2009 @Azrael - te-ai pisat pe el Virustotal trimite toate fisierele testate la companiile producatoare de antivirusi. Quote Link to comment Share on other sites More sharing options...
Nytro Posted November 6, 2009 Author Report Share Posted November 6, 2009 Din partea mea, a facut un lucru bun. Eu mi-am scanat singur Digital Keylogger, la putin timp dupa publicare. Consider folosirea acestor programe furt informational si nu sunt de acord cu ele. Quote Link to comment Share on other sites More sharing options...
Guest Nemessis Posted November 6, 2009 Report Share Posted November 6, 2009 Din partea mea, a facut un lucru bun. Eu mi-am scanat singur Digital Keylogger, la putin timp dupa publicare. Consider folosirea acestor programe furt informational si nu sunt de acord cu ele.But you suck anyway ) Quote Link to comment Share on other sites More sharing options...
cmiN Posted November 6, 2009 Report Share Posted November 6, 2009 Din cate stiam are si optiunea de a nu shara / trimite fisierul catre acele servere. Quote Link to comment Share on other sites More sharing options...
Azrael-sub7 Posted November 6, 2009 Report Share Posted November 6, 2009 Nu stiu daca le trimite ... , pe webiste nu am vazut asa ceva scris , acum ma rog poate le trimite dar eu mi am scanat executabile si nu au devenit detectabile nici dupa lunii intregi dupa ce le am scanat ... , de fapt devine detectabil de cele mai multe ori pentru ca sunt ff multi pe net care nu au ce face si se apuca sa raporteze la greu ... Ca de exemplu eu am luat ban pe google project hosting , pentru ca m a raportat unu ca aveam un keyloger un crack si un dialer desi erau postate si sursele , si practic nu incalcasem relgulamentul , si nu stiam de ce am luat ban am dat un search pe googel si am gasit o pgina de pe google grups unde un nene facuse un topic ca a gasit el cod "malitios" , si asa am luat ban desi in TOS nu scrie nimic scrie doar ca trebuie sa fie open source , si acum sa fim cinstiti orice program nu poate fi malitios cand e open source ... Oricum ideea e ca sunt multi pe net care raporteaza direct la companii , astea sunt pricipalul motiv pt care devin detectabile ... Quote Link to comment Share on other sites More sharing options...
Guest Nemessis Posted November 7, 2009 Report Share Posted November 7, 2009 Din cate stiam are si optiunea de a nu shara / trimite fisierul catre acele servere.Au anuntat acum un an si ceva ca vor trimite absolut orice fisier la companiile de antivirus. Optiunea nu mai exista Quote Link to comment Share on other sites More sharing options...
alecscosmi Posted January 16, 2010 Report Share Posted January 16, 2010 E super softul, cel putin mie mi-a mers perfect:) Quote Link to comment Share on other sites More sharing options...