Posted October 22, 20168 yr Phrozen RunPE Detector is a security program, especially designed to detect and defeat some suspicious processes using a generic method. https://www.phrozensoft.com/2015/06/runpe-detector-1
October 27, 20168 yr Author Related tool: https://forum.tuts4you.com/topic/38937-adlice-peviewer-roguekillerpe/
October 29, 20168 yr Here a simple anti Phrozen RunPE Detector RunPE Undetected.rar This solution can bypass Phrozen RunPE Detector on memory! I spent 30 minutes on this lame security software ( Phrozen RunPE Detector ) Edited October 29, 20168 yr by RDGMax
October 29, 20168 yr Author the target is detected: https://www.metadefender.com/#!/results/file/ZTE2MTAyOXJrQngzUTk5R3h4UzE4ZzJYOTVNbGw/regular/analysis First uploaded 2016-10-29 21:52:20 GMT Last scanned 2016-10-29 21:52:20 GMT Filetype Win32 Executable Microsoft Visual Basic 6 File size 524 KB MD5 B162D7E8A29DA06EF22F7C3AFF270E05 SHA1 EC6013FB643ED49C22DA2DB51B0DBD1D21C3DB64 SHA256 0BD6FB12A8454C28663F2F773CC3C9E765B55D409461F50CCEEA3C852509D4C8 If you use write Process memory so that wrong way to protect runpe method. Really I'm not interested to analyze a detected target by virus scan engine. Regards
October 30, 20168 yr 'wrong way' ? you mean we're not allowed to use apis to patch the process memory of runpe ?
October 31, 20168 yr Author 12 hours ago, evlncrn8 said: 'wrong way' ? you mean we're not allowed to use apis to patch the process memory of runpe ? no i did not meant you're own process i meant the detector memory, actually writing to runpe memory is good but not enough to make it FUD. tray to run the protected by DRGMax and RunPE Detector inside sandboxie then double click on the runpe, then you'll sea the different. take a look at this tool: by the way this topic is not a Anti-RunPE challenge, it is just to inform about Phrozen RunPE Detector. Regards Edited October 31, 20168 yr by Amer
Create an account or sign in to comment