Jump to content

View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS

Tap the Share icon in Safari
Scroll the menu and tap Add to Home Screen.
Tap Add in the top-right corner.

To install this app on Android

Tap the 3-dot menu (⋮) in the top-right corner of the browser.
Tap Add to Home screen or Install app.
Confirm by tapping Install.

Tuts 4 You A Reverse Engineering Community

Tuts 4 You A Reverse Engineering Community

Existing user? Sign In
Sign In

Email Address

Password

Remember me
Not recommended on shared computers

Forgot your password?
Sign Up

Deobfuscate a malicious program

Posted May 4, 20205 yr

Hello guys, I have a program here that is intercepting data and sending to a server, I need to be able to read a function called "Ss" that receives a payload as a parameter, he is obfuscated by net reactor 4.5+, I found out that he is intercepting information when I analyzed the websocket traffic using the Wireshark. Could someone deobfuscate the program for me or help me in the process?

May 4, 20205 yr

Hello there ,

Since the malware is protected with reactor , you can try to use De4dot moded by shadow .
https://forum.tuts4you.com/topic/36587-crackmenet-reactor-modded/?tab=comments#comment-172352

regards

May 4, 20205 yr

Author

shit...

1

Create an account or sign in to comment

Register a new account

Sign In Now

https://forum.tuts4you.com/topic/42151-deobfuscate-a-malicious-program/

Go to topic listing

Chrome (Android)

Tap the lock icon next to the address bar.
Tap Permissions → Notifications.
Adjust your preference.

Chrome (Desktop)

Click the padlock icon in the address bar.
Select Site settings.
Find Notifications and adjust your preference.