Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Members of freshwap.net post infected files

CodeExplorer
CodeExplorer
in Malware Reverse Engineering

Featured Replies

Posted

Links to infected files:

xttp://www.freshwap.net/forums/applications/200445-aoa-dvd-ripper-5-1-9-1208-a.html

xttp://www.freshwap.net/forums/applications/201009-cute-ftp-pro-v8-3-2-build-09-02-2008-1-a.html

xttp://www.freshwap.net/forums/applications/201788-winrar-3-80-pro.html

from what I saw all his posts contains same malware:

xttp://www.freshwap.net/forums/applications/index1083.html?sort=postusername&order=asc&daysprune=-1

lemutyt210 had 60 post now has 70! How many peoples will be infected whit files posted by him?

This sucker also removed .NFO of cracks so you won't have any contact information!

The file is a Rar SFX archive (self extracting archive), also the file has a password:

this is why any online antivirus won't detect any virus.

When you execute the archive the content of archive will be extracted under temporary directory using the password, the malicious code will be executed and after that the original file.

You can see if you:

Enter inside the archive using WinRar and click View under any exe file: Winrar will open the enter password dialog!

Here is the threatexpert result:

http://www.threatexpert.com/report.aspx?md...cc80d4b5dd5c37f

------------

Is not the only warez website which post infected viruses:

xttp://loweimages.com/

xttp://xwarezzz.com/

xttp://21.hotfunspace.com/

Edited by CodeRipper

damn, people like that i really can't understand.. they're only good for one thing, that being that you take them outside and clean your shoes by kicking them repeatedly :)

    •
    • Like 1

    Someone else who uses ThreatExpert - finally ;)

    Anyways, I've dealt with malware in this form many a time; one that uses some form of self-extracting archive (Be it ZIP, 7z, RAR, etc) to extract a program, then execute said program.

    Regardless, nice job on the report.

    thts the reason why you should never run sfx

    standard releases are always either zip or rar

    • 3 weeks later...

    thx for the warrning!

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.