Old 02-03-2012   #21
RickDangerous
I just finished (!!!) bruteforcing a pup. Nothing found, of course, but why did it stop? I thought it was supposed to go through all 2^32 combinations?
Old 02-03-2012   #22
eliteforces
Be careful.

Antivirus Result Update
AhnLab-V3 - 20120203
AntiVir - 20120203
Antiy-AVL - 20120203
Avast - 20120203
AVG - 20120203
BitDefender - 20120203
ByteHero - 20120128
CAT-QuickHeal - 20120203
ClamAV Trojan.Bredolab-993 20120203
Commtouch - 20120203
Comodo - 20120203
DrWeb - 20120203
Emsisoft - 20120203
eSafe - 20120202
eTrust-Vet - 20120203
F-Prot - 20120201
F-Secure - 20120203
Fortinet - 20120203
GData - 20120203
Ikarus - 20120203
Jiangmin - 20120203
K7AntiVirus - 20120203
Kaspersky - 20120203
McAfee - 20120203
McAfee-GW-Edition - 20120203
Microsoft - 20120203
NOD32 - 20120203
Norman W32/Bredolab.B!genr 20120203
nProtect - 20120203
Panda - 20120203
PCTools - 20120201
Prevx - 20120203
Rising - 20120118
Sophos - 20120203
SUPERAntiSpyware - 20120203
Symantec - 20120203
TheHacker - 20120203
TrendMicro - 20120203
TrendMicro-HouseCall - 20120203
VBA32 - 20120203
VIPRE - 20120203
ViRobot - 20120203
VirusBuster - 20120203

Trojan.Bredolab is a Trojan horse that downloads and executes files from the Internet. It may arrive on the computer through email or a drive-by download. The Trojan also attempts to avoid detection by employing several evasion techniques.


Infection
Bredolab has been observed using the following two primary methods of distribution:
Drive-by download
Email


A drive-by-download may occur when a user visits a website that has been rigged to contain an exploit. The exploit causes malware to be downloaded on to the user's computer without his or her consent.

The email distribution method employs social engineering tricks to convince the user to open the attachment in the email. All of the emails are crafted in such a way as to appear as legitimate as possible in order to deceive the user. It is also common for the threat to reuse themes but with slight variations on the body of the message and the attachment names. For example, these themes have already been observed:

Western Union free money
UPS delivery failures
Shop.corsair.com shipping confirmations
Facebook password changes


Functionality
The primary function of this threat is to download more malware on to the compromised computer. It is likely that the authors of the threat are associated with affiliate schemes that are attempting to generate money through the distribution of malware. The threat may also be used to help construct a bot network that can be sold or hired for monetary gain.


Self-protection
It also employs the following techniques in order to avoid detection:
Server-side polymorphism - the threat constantly changes its method of packing and its appearance in order to avoid detection
Anti-debugging tricks - the threat performs checks to determine whether it is executing within a debugging environment
Encoded communication - all communication between the threat and the remote server uses encryption

Last edited by eliteforces; 02-03-2012 at 01:09 PM.
Old 02-03-2012   #23
RickDangerous
Thanks for the heads up, eliteforces. I always run untrusted programs in VMware.
Old 02-03-2012   #24
denero1
i woulda thought

Originally Posted by eliteforces:
Be careful.
so the 15 post and 2012 join date didn't give him away >.>

beware the newbie with the miracle fix lol
Old 02-03-2012   #25
RickDangerous
The author has released a new version if anyone is interested:
http://www.mediafire.com/?nrd42kofpwt8dk7
Edit: link fixed

Last edited by RickDangerous; 02-03-2012 at 01:38 PM.
Old 02-03-2012   #26
Nateblitz16
Originally Posted by denero1:
so the 15 post and 2012 join date didn't give him away >.>

beware the newbie with the miracle fix lol
shut up woody lol >.>

Last edited by Nateblitz16; 02-03-2012 at 02:10 PM.
Old 02-03-2012   #27
enosrasun
I think this app works. I have scanned some files from the 4.00 unpacked pup, and on some of them it stops and shows another window, but blank.
Old 02-03-2012   #28
reptor
I'm getting the same outcome. A small blank window pops up.
Old 02-03-2012   #29
Toufik
OMG I HAVE KEYS !!!!



... --'
Old 02-03-2012   #30
mrc1978
 
Originally Posted by Toufik:
OMG I HAVE KEYS !!!!



... --'
I have a penis, so it's all good
PS3Hax.net is Copyright © 2010-2013.