Private Internet Access VPN
Liked this post? Then why not share it?
Facebook separator Twitter separator Delicious separator Digg separator Reddit separator StumbleUpon separator Share on LinkedIn

Thread Closed 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Mediafire] Fileice Downloader!
10-01-2011, 11:51 PM (This post was last modified: 10-02-2011 08:41 PM by crazy4cs.)
Post: #1
Download:
Infected post.

Screenshots:
"Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links."

"Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links."

Enjoy!

Virus scan:
Report date: 2011-10-01 19:01:45 (GMT 1)
File name: fileice_downloader-exe
File size: 1310720 bytes
MD5 hash: 0e94e4ce8b1fa577325ab32f82a9ddbe
SHA1 hash: 6ed002771f7850579bb6afaab6cae8f9d1b19ba2
Detection rate: 0 on...

You have less than 5 posts. Therefore, please reply if you are interested to see full post. NOTE: Don't SPAM or you will be warned or banned.
Find all posts by this user MyIP Hash
10-02-2011, 12:03 AM
Post: #2
does this even work??
Find all posts by this user MyIP Hash
10-02-2011, 12:07 AM
Post: #3
Post LINK to virus scan, not at all interested in your text scan results, they can be nicely faked, moreover I don't trust this as fileice allows credits wise downloads.

"Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links." | "Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links."
Visit this user's website Find all posts by this user MyIP Hash
10-02-2011, 12:57 AM
Post: #4
Antivirus results
AhnLab-V3 - 2011.10.01.00 - 2011.10.01 - -
AntiVir - 7.11.15.84 - 2011.09.30 - -
Antiy-AVL - 2.0.3.7 - 2011.10.01 - -
Avast - 6.0.1289.0 - 2011.10.01 - -
AVG - 10.0.0.1190 - 2011.10.01 - -
BitDefender - 7.2 - 2011.10.01 - Gen:Heur.MSIL.Agent.11
ByteHero - 1.0.0.1 - 2011.09.23 - -
CAT-QuickHeal - 11.00 - 2011.09.30 - -
ClamAV - 0.97.0.0 - 2011.10.01 - -
Commtouch - 5.3.2.6 - 2011.10.01 - -
Comodo - 10306 - 2011.10.01 - -
DrWeb - 5.0.2.03300 - 2011.10.01 - -
Emsisoft - 5.1.0.11 - 2011.10.01 - Trojan-Dropper.Small!IK
eSafe - 7.0.17.0 - 2011.09.27 - -
eTrust-Vet - 36.1.8591 - 2011.09.30 - -
F-Prot - 4.6.2.117 - 2011.09.30 - -
F-Secure - 9.0.16440.0 - 2011.10.01 - Gen:Heur.MSIL.Agent.11
Fortinet - 4.3.370.0 - 2011.10.01 - -
GData - 22 - 2011.10.01 - Gen:Heur.MSIL.Agent.11
Ikarus - T3.1.1.107.0 - 2011.10.01 - Trojan-Dropper.Small
Jiangmin - 13.0.900 - 2011.10.01 - -
K7AntiVirus - 9.113.5227 - 2011.10.01 - -
Kaspersky - 9.0.0.837 - 2011.10.01 - -
McAfee - 5.400.0.1158 - 2011.10.01 - -
McAfee-GW-Edition - 2010.1D - 2011.10.01 - -
Microsoft - 1.7702 - 2011.10.01 - -
NOD32 - 6509 - 2011.10.01 - a variant of MSIL/Injector.IR
Norman - 6.07.11 - 2011.10.01 - -
nProtect - 2011-10-01.01 - 2011.10.01 - -
Panda - 10.0.3.5 - 2011.10.01 - -
PCTools - 8.0.0.5 - 2011.10.01 - -
Prevx - 3.0 - 2011.10.01 - -
Rising - 23.77.04.01 - 2011.09.30 - -
Sophos - 4.69.0 - 2011.10.01 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.10.01 - -
Symantec - 20111.2.0.82 - 2011.10.01 - -
TheHacker - 6.7.0.1.315 - 2011.10.01 - -
TrendMicro - 9.500.0.1008 - 2011.10.01 - -
TrendMicro-HouseCall - 9.500.0.1008 - 2011.10.01 - -
VBA32 - 3.12.16.4 - 2011.09.30 - -
VIPRE - 10636 - 2011.10.01 - -
ViRobot - 2011.10.1.4699 - 2011.10.01 - -
VirusBuster - 14.0.243.0 - 2011.10.01 - -
File info:
MD5: 30f0677daa568f8f0c2dce239b0bd8f5
SHA1: 646df07ea0f19ae0813bfbe1b164593bdde4891f
SHA256: 4524bb81440447067235ec9734fb83df848c2072737f968fd8ada08d96080861
File size: 4362240 bytes
Scan date: 2011-10-01 19:19:08 (UTC)

[Image: snail_by_luchkina.gif]
"Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links."
Visit this user's website Find all posts by this user MyIP Hash
10-02-2011, 06:46 AM
Post: #5
This is obviously fake i don't even think FileIce has premium accounts yet last time i checked they had not.

[Image: 1808sDD]
Sneakin in through the back door, fruity MC's get ambushed
Rammed and squooshed, slammed and pushed, crammed and mushed
Then I'm movin on down from the right to left
So bite the meth or prepare to fight to death.
Find all posts by this user MyIP Hash
10-02-2011, 09:43 AM
Post: #6
They don't xDD

Like the scan says, its an injector. Probably a backdoor/stealer crypted with the option of injection into a system process to protect it. Yet skids like him fail to realize that such tools don't exist, so they can sit in their gmail account for the next 4 hours after posting and be like YEAH ub3r l33t h4ck g4m3 0n br0!
Find all posts by this user MyIP Hash
10-02-2011, 07:44 PM
Post: #7
Ok I have download and opened the file [Lol Joke I would never do that]

Ok I downloaded the file to analyse it and this is what I have found out.
--> It was created in VB.
--> Why would you have a RunPE on your file.
--> Why would you have System. Security.Cryptography.
--> Why would you have a file that executes when you open the file. This file is called svchost.exe
--> Some error message saying trololol.
--> DecryptStringAES.


Your lucky that some of your files are encrypted and I need a pass to decrpyt it. Otherwise I would've gotten hold of the account that you used in there.

So here you go Ubers members. This is clearly shown that this is a some type of server. Could be a RAT or a keylogger. Please crazy4cs remove the link immediately so noobs don't download this and ban this kid.

[Image: epic-boat-crash.gif]
Visit this user's website Find all posts by this user MyIP Hash
10-02-2011, 07:53 PM
Post: #8
tsk tsk someone will receive the ban hammer
Find all posts by this user MyIP Hash
10-02-2011, 08:24 PM
Post: #9
By the way this is the link to NoVirusThanks. In which he might have faked it. "Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links."

[Image: epic-boat-crash.gif]
Visit this user's website Find all posts by this user MyIP Hash
10-02-2011, 08:41 PM
Post: #10
Banned for two weeks and warned, next time report such posts with reason selected as "Infected Post or Content", there are lot of threads, we cannot check every thread, that is why REPORT option is for.

Those who downloaded, please consider running scans with Malwarebytes or request any help in White Hat section.

"Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links." | "Guests cannot see links in the messages. Please register to forum by clicking HERE to the see links."
Visit this user's website Find all posts by this user MyIP Hash
Thread Closed 


Forum Jump: