Posted January 31, 20196 yr Language : C# Platform : Windows (7,8,10) (x32) OS Version : Windows 7,8,10 (No virtual machine!!!) Packer / Protector : Eddy^Protector 1.0.5 Description : Hello all. I want introduce my hard work. Please try, run and unpack this challenge. Its not confuserEx another mod. Only experienced reverser can unpack this. Sorry if not working for you. For me works, and on many stable OS´s too. And if you have error (0xc00000005) , simply run again it works on next try.. Sorry i have no time to solve that memory leak. Good luck! AV scan: https://www.hybrid-analysis.com/sample/a5f287aeda9145572209fba0738aa6249ab5569f82a705dad73aca5f099f8a5d/5c5355307ca3e13a9e049b1b Screenshot : $input.31.01.2019 19-03-37_lastest.zip Edited January 31, 20196 yr by Eddy^CZ
February 2, 20196 yr Author 15 hours ago, BillsTheGod said: Nice virus! Here's proof that it's not a virus. https://youtu.be/A2_5heW7HR0
February 2, 20196 yr 16 hours ago, BillsTheGod said: Nice virus! oh man, stop using McAfee Edited February 2, 20196 yr by NeoNCoding
February 2, 20196 yr I can confirm this work (after 2nd, run first was (0xc00000005) as the user mentioned) Edited February 2, 20196 yr by SkyCityCZ put 1st instead of second fix
February 9, 20196 yr I do not recommend to run Eddy's crackmes. If you ran these I recommend you to check your: "Appdata\Local\Microsoft\Host Process for Windows Services" because there shouldn't be a folder. I had a file there called "scvhost.exe" inside "Host Process for Windows Services" which was packed with something called !Eddy
February 9, 20196 yr 4 hours ago, Zyhes said: I do not recommend to run Eddy's crackmes. If you ran these I recommend you to check your: "Appdata\Local\Microsoft\Host Process for Windows Services" because there shouldn't be a folder. I had a file there called "scvhost.exe" inside "Host Process for Windows Services" which was packed with something called !Eddy native stub, managed file : he needed to drop the file on disk somewhere hidden ; i doubt there is anything malicious about that file, but it worth a look !
February 10, 20196 yr Author The file is clean. No paranoid search! 😎 Why should I give some malicious programs here? What would be good for?
February 10, 20196 yr Author All is fine. I did only once. And here it is not. Edited February 10, 20196 yr by Eddy^CZ
February 20, 20196 yr Code a proper native loader...don't just drop it like that, doing so is useless and stupid.
Create an account or sign in to comment