R4P3 Cracher 3.1 Backdoor

lucas2107 · Jun 14, 2017

Hi,

Admins, can you explain this?

ehthe · Jun 14, 2017

~~Not too up to date on what is released these day. Do you have a forum link for that "r4p3 crasher" plugin ?~~

Other than that maybe you should have done a google search ?
https://www.welivesecurity.com/2017...eat-industrial-control-systems-since-stuxnet/
I don't think we're a state sponsored attack vector (I can't find that plugin on the forum). But you never know ^^
Maybe a false positive ?

EDIT : Is that it https://r4p3.net/threads/r4p3-client-crash-anti-crash-3-1-beta.2953/ ?

32-bit
https://www.virustotal.com/en/file/...6e6ba9b1a8893589df1efdc615435ccc47a/analysis/
https://malwr.com/analysis/ZmQ1MTgxNDJjY2JlNGM0ZTgzYmY2YmE2NmUzNGE0Y2Q/

64-bit
https://www.virustotal.com/en/file/...0f7e2898719e66e18d52a982b27f654a440/analysis/
https://malwr.com/analysis/OGU2OGZjYzA3MmE1NDNlYWE5MmNiYTAyZmM2MTRjMzU/

lucas2107 · Jun 14, 2017

ehthe said:
EDIT : Is that it https://r4p3.net/threads/r4p3-client-crash-anti-crash-3-1-beta.2953/ ?

32-bit
https://www.virustotal.com/en/file/...6e6ba9b1a8893589df1efdc615435ccc47a/analysis/
https://malwr.com/analysis/ZmQ1MTgxNDJjY2JlNGM0ZTgzYmY2YmE2NmUzNGE0Y2Q/

64-bit
https://www.virustotal.com/en/file/...0f7e2898719e66e18d52a982b27f654a440/analysis/
https://malwr.com/analysis/OGU2OGZjYzA3MmE1NDNlYWE5MmNiYTAyZmM2MTRjMzU/

It's that.

I'm using MalwareBytes Premium, I don't really know if it's a false positive, I've sent a mail to them.

dedmen · Jun 20, 2017

lucas2107 said:
It's that.

I'm using MalwareBytes Premium, I don't really know if it's a false positive, I've sent a mail to them.

Congratulations! You are using the only AV that has a false positive on that file

That crasher isn't even encrypted or anything. It's a plain Teamspeak Plugin without any Hacky stuff.

Fantasiak · Jun 23, 2017

R4P3 Cracher 3.1 Backdoor

lucas2107

Member

ehthe

lucas2107

Member

dedmen

Fantasiak

Active Member