Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

Posted

Phrozen RunPE Detector is a security program, especially designed to detect and defeat some suspicious processes using a generic method.

https://www.phrozensoft.com/2015/06/runpe-detector-1

sshot-4.png

sshot-5.png

 

Here a simple anti Phrozen RunPE Detector

 

23.jpg

RunPE Undetected.rar

This solution can bypass  Phrozen RunPE Detector on memory!

I spent 30 minutes on this lame security software ( Phrozen RunPE Detector )

Edited by RDGMax

  • Author

the target is detected:

https://www.metadefender.com/#!/results/file/ZTE2MTAyOXJrQngzUTk5R3h4UzE4ZzJYOTVNbGw/regular/analysis

First uploaded 2016-10-29 21:52:20 GMT
Last scanned 2016-10-29 21:52:20 GMT
Filetype Win32 Executable Microsoft Visual Basic 6
File size 524 KB
MD5 B162D7E8A29DA06EF22F7C3AFF270E05
SHA1 EC6013FB643ED49C22DA2DB51B0DBD1D21C3DB64
SHA256 0BD6FB12A8454C28663F2F773CC3C9E765B55D409461F50CCEEA3C852509D4C8

If you use write Process memory so that wrong way to protect runpe method.

Really I'm not interested to analyze a detected target by virus scan engine.

Regards

 

'wrong way' ? you mean we're not allowed to use apis to patch the process memory of runpe ?

  • Author
12 hours ago, evlncrn8 said:

'wrong way' ? you mean we're not allowed to use apis to patch the process memory of runpe ?

no i did not meant you're own process i meant the detector memory, actually writing to runpe memory is good but not enough to make it FUD.

tray to run the protected by DRGMax and RunPE Detector inside sandboxie then double click on the runpe, then you'll sea  the different.

take a look at this tool:

by the way this topic is not a Anti-RunPE challenge, it is just to inform about Phrozen RunPE Detector.

Regards

01.JPG

Edited by Amer

  • Author

Negative result in case anti dump Method (Zero Memory or Move Memory).

ZeroMem.JPG

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.