August 1, 201411 yr hm what for new challenge is this are you kidding me or whant kiding orther members,you can not input anithing and my av pop up and i check you what ever now again.on are av online site becarfull orther members.the pe is manipulatet.and what ist this ?00401290 . 32 DB 32 ; CHAR '2'00401291 . 62 64 61 32 39 39 38 64>ASCII "bda2998d9b0ee197"004012A1 . 64 61 31 34 32 61 30 34>ASCII "da142a0447f67253"004012B1 . 37 35 39 38 64 61 64 38>ASCII "7598dad8f8805ce7"004012C1 . 30 38 ASCII "08"004012C3 . 62 DB 62 ; CHAR 'b'004012C4 . 61 38 63 34 66 36 37 63>ASCII "a8c4f67ce367639b"004012D4 . 61 65 39 61 63 36 62 33>ASCII "ae9ac6b3e1a84ceb"004012E4 . 62 37 62 34 30 33 32 39>ASCII "b7b403297b794015"004012F4 . 65 39 63 65 34 33 65 64>ASCII "e9ce43edfb0668dd"00401304 . 61 61 39 37 33 65 62 63>ASCII "aa973ebc7e87716f"00401314 . 36 62 33 30 35 39 38 62>ASCII "6b30598ba30945d8"00401324 . 34 34 ASCII "44"00401326 38 DB 38 ; CHAR '8'00401327 35 DB 35 ; CHAR '5'00401328 65 DB 65 ; CHAR 'e'00401329 36 DB 36 ; CHAR '6'0040132A 31 DB 31 ; CHAR '1'0040132B 63 DB 63 ; CHAR 'c'0040132C 31 DB 31 ; CHAR '1'0040132D 30 DB 30 ; CHAR '0'0040132E 32 DB 32 ; CHAR '2'0040132F 37 DB 37 ; CHAR '7'
August 2, 201411 yr Author Thanks xSRTsect @accede: av is false possitive as always! the binary's size is small, you can decomplie part of the code (you did on data part) and see Have fun. Edited August 2, 201411 yr by jo03
August 2, 201411 yr No - this seems a normal , non harmful PE file, excluding any tls callback code that I haven't checked. And my av doesn't ring about it, but even if it did it would be one more reason to analyse it - I mean are you reversers or what?...
August 2, 201411 yr I was just just wondering because that's the first target is where my av starts.it is clean, I've seen even now apologize for my false accusation.a question I had but I can see why checks and four corner when I here that a8c4f67ce367639b alls use serial.
August 4, 201411 yr That's corrected one I solved this by using bruteforce. 4 cores, it took 20 minutes. Is there another way?
Create an account or sign in to comment