Jump to content
Tuts 4 You

How to deobfuscate this malware ?


Recommended Posts

24 minutes ago, BlackHat said:

Hi, His Unpacker is for Vanilla Only not for Modded Version. 


Thank,but I can't find Unpacker for Modded Version. May poorly searched. Do you have thoughts how unpack this sample?

Link to comment
Share on other sites

  • 2 months later...
  • 9 months later...

Futhermore, We can see that this is beds constants and anti-tamper from the fake attributes, you can see that this is beds 1.4.1. If you have been looking into beds obf, you will recognise the fake attributes and the constants. 



Edited by Junk
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...