A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #20741  by TheExecuter
 Sat Sep 07, 2013 6:43 pm
Attached malware is in .cpl form.
Changed to .dll so no one accidentally opens it.
Can anyone shed some light on what exactly this is?
 #20752  by EP_X0FF
 Mon Sep 09, 2013 2:48 am
Assume it is a sort of script-kiddie downloader. Lots of VCL and other CodeGear crap runtime inside, including the ZipForge component to unpack this (link hardcoded): hxxp://www.4shared.com/download/zc6pAtza/new.zip which is unavailable.
 #20760  by TheExecuter
 Mon Sep 09, 2013 5:00 pm
Seems trash then.
Even I found new.zip unavailable, but I thought it was more than a downloader. =|
The guy who sent it to me said it's meant to be ATS. O_O
Trash please.