devilsystem Posted February 24, 2014 Report Posted February 24, 2014 (edited) hello guys , Here is a simple tool but very usefull and perfectly working called lethalspooferthis software is able to change with ease the extension of your server.exe as trusted extension like :-jpg-png-avi-pdf-doc-ziphere is some pictures :the spoofer itself :the spoofed output file :as you can see on the picture , the extension has been perfectly spoofed and nobody can see it was originaly an Exe as the majority of others spooferAnd it is also important to know that Output's from LethalSpoofer are not .NET dependent so don't requires any net framework Scan of LethalSpoofer :https://www.virustotal.com/en/file/60e9afc2bd0bec0d57053022668a81f5b92023ddc9d07c5ba428b30ac19bbf1b/analysis/1391876801/Download link :// removed Edited February 25, 2014 by aelius
criss84 Posted February 24, 2014 Report Posted February 24, 2014 INFECTAT Startup LethalSpoofer.exe (PID: 900 MD5: 329E24D4DFDB2CE14672893F30627D6B) reg.exe (PID: 1940 cmdline: C:\WINDOWS\system32\reg.exe add HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows /v Load /t REG_SZ /d C:\LethalSpoofer.exe /f MD5: C65122B94F7C82065FE86C32CF271F6D) LethalSpoofer.exe (PID: 1796 MD5: B8E0F3294F6EA051200387DCEDFBEBFF) DW20.EXE (PID: 1792 MD5: A981419C39CC02259B8F2DA3974000D9)Joe Sandbox Desktop - Analysis Report 8077
Arcom Posted February 25, 2014 Report Posted February 25, 2014 Dispari in morti tai cu stealeru-l mati cu tot!
666BLODAS666 Posted February 25, 2014 Report Posted February 25, 2014 Bai gogoasa, vii cu cacaturi d-astea pe forum de securitate? Besi in mortii ma-tii si ia un ban permanent.