Strongly demanding that Admin do something and stop turning a blind eye: Husky #1402 has repeatedly duplicated the posts I made

215 replies
3 Like 57 Dislike
2019-01-11 04:51:53
2019-01-11 04:58:37
#The dog is back with more
2019-01-11 07:00:44
Husky VIRUS report from the early morning

Regarding the file I posted: HKG CS1.6 By C0RE.exe; no comment on anything else
The Steam game cracks/patches I used are as follows
1.
steam.dll:
https://www.virustotal.com/#/file/d6e5f07ff9fbed6a29be9524e5ec13eaf5fcbcdd36e59fc8f6029e44d3487e79/detection

2.
steamclient.dll:
https://www.virustotal.com/#/file/107b99f21fe0c12c17680173bfcc1e04e896b5c082f7f0b3a9c691a7d3295d6f/detection
For 牙井's reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/GameHack
Hacktools can be used to patch or "crack" some software so it will run without a valid license or genuine product key.

3.
revSrvBrowser.dll: what a coincidence, ClamAV again
https://www.virustotal.com/#/file/94c7a655cae2f2ede1866f081fd1d8ba444e2e70c9b2756338bba425f1afabda/detection
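For 2 of these, only ClamAV says they are infected and all the others say they are not; how credible is that?
As for the other one, M$ has answered that for me, and the others all say it is clean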
crack from https://cs.rin.ru

Unrelated patches
4. Patch that lets 1.6 handle Unicode
upatch.dll: safe
https://www.virustotal.com/#/file/0a81945af381f8ae30d019eaaa4e7527c5ca6baa931da6407663a5ed3c8adaa1/detection

5. Patch for typing Chinese in version 4554
hw.dll
https://www.virustotal.com/#/file/6543b7b0cedba086ccfac5f52e27b461abdb72698779aec1981ffec304a8a2dc/detection
hwpatcher.dll
https://www.virustotal.com/#/file/ff0eab0171830f48cdb2812ae4e4408a67de3e9d2ef971b511901534797bc660/detection

An even more fucking unrelated exe
6.
cstrike.exe: wadiu, 牙井 has finally caught me
https://www.virustotal.com/#/file/4df4df7dc5f15cbe95fcb01de7a6b53288e8de6bc41b6529f9a385298630b5e8/detection
Let's see what M$ says this time:
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=TrojanDownloader%3AWin32%2FBanload
trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.
That's fucking crazy

Never mind. Is that really the case?
Let me reverse it and take a look

In case 牙井 can't read opcodes, here's an easier-to-read one

Huh, it uses GetCurrentDirectoryA, wsprintfA and ShellExecuteA
What are these functions?
https://docs.microsoft.com/en-us/windows/desktop/api/winbase/nf-winbase-getcurrentdirectory
https://docs.microsoft.com/en-us/windows/desktop/api/winuser/nf-winuser-wsprintfa
https://docs.microsoft.com/en-us/windows/desktop/api/shellapi/nf-shellapi-shellexecutea

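Suppose I installed CS1.6 on the C drive at C:\HKG CS1.6 By C0RE
Line 7: gets the current path and puts it into char Buffer
Line 8: builds the Parameters string: -game cstrike -steam %s
What's %s? If the command line has anything, it gets put into the string; for now assume there's nothing
Line 9: builds another string, File, putting the char obtained in Line 7 back into it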
Line 10:
open
Opens the item specified by the lpFile parameter. The item can be a file or folder.

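So per Lines 7-9, put together that is C:\HKG CS1.6 BY C0RE\hl.exe -game cstrike -steam
Meaning what? It's the program used to launch the game, damn it
I want to know which on9 idiot would write any more than that; just put it in a .bat and it's done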
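
Added example, not part of the original post and not the decompiled code from cstrike.exe: a C reconstruction of the launcher logic as the post describes it (Lines 7-10). The function name `build_launch`, the 260-byte buffers, the NULL working directory and `SW_SHOWNORMAL` are assumptions; the string building uses `snprintf` so an over-long path is rejected instead of truncated.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <shellapi.h>
#endif

#define BUF_LEN 260 /* assumption: the post gives no buffer sizes */

/* "Line 8" and "Line 9" of the post: build Parameters and File.
   Returns 0 on success, -1 if either string would not fit. */
int build_launch(const char *dir, const char *cmdline,
                 char *file, size_t file_len,
                 char *params, size_t params_len)
{
    int n = snprintf(params, params_len, "-game cstrike -steam %s", cmdline);
    if (n < 0 || (size_t)n >= params_len)
        return -1;
    n = snprintf(file, file_len, "%s\\hl.exe", dir);
    if (n < 0 || (size_t)n >= file_len)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    /* Constructed default: the install path used as the example in the post. */
    char Buffer[BUF_LEN] = "C:\\HKG CS1.6 By C0RE";
    char File[BUF_LEN], Parameters[BUF_LEN];
    const char *cmdline = (argc > 1) ? argv[1] : "";

#ifdef _WIN32
    /* "Line 7": current directory into Buffer. */
    if (!GetCurrentDirectoryA(sizeof Buffer, Buffer))
        return 1;
#endif
    if (build_launch(Buffer, cmdline, File, sizeof File,
                     Parameters, sizeof Parameters) != 0)
        return 1;
    printf("open: %s %s\n", File, Parameters);
#ifdef _WIN32
    /* "Line 10": the "open" verb on File with Parameters. */
    ShellExecuteA(NULL, "open", File, Parameters, NULL, SW_SHOWNORMAL);
#endif
    return 0;
}
```

On a non-Windows build the program only prints the command the launcher would open, which is enough to compare against the string given in the post.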
2019-01-11 07:03:25
Got wind that the OP skipped his follow-up appointment again
2019-01-11 07:08:11


Master 井
2019-01-11 07:27:57
Why not prop up your pillow and think about why nobody joins yours
2019-01-11 07:30:06
Just how much of a primary-school kid do you have to be to still play at reporting people
2019-01-11 09:04:27
Come out and fight one-on-one
2019-01-11 12:36:54
Theirs has Chinese text, and yours, though not quite as good, is Chinese too
2019-01-11 12:37:37
2019-01-11 13:00:10
Pretending to be blind again
2019-01-11 13:26:29
That perverted!? Did you report it to the police??
2019-01-11 14:48:18
Changed what? Gone blind?
2019-01-11 14:52:43
2019-01-11 14:56:40
Two primary-school kids =.=
2019-01-11 15:47:24
What did he do to you?
2019-01-11 17:33:25
55
2019-01-11 18:54:45
Fuck your mother, what the fuck was changed
2019-01-11 19:09:52
He's still looking
Give 牙井 some time, OK?
2019-01-11 19:31:48
See you next Christmas
2019-01-12 02:21:18
Got any evidence yet, trash
2019-01-12 06:02:30
There should be some next year
2019-01-12 16:15:25
牙井 is at it again
2019-01-12 16:21:58