Skip navigation.
Home

M8Z files :)

| | |

does someone know about the "packer" that makes a MZ look like M8Z? there are some droppers and loaders that have that MZ inside.. So if you have any info or know about some tools.. I'd appreciate. Of course, it would be nice if I'd reverse it.. but .. the time is my enemy :) a sample cand be found with http://www.offensivecomputing.net/?q=ocsearch&ocq=3ed060817d9d380249a5b7465efb07e2 (but it's not "the best" sample since it obfuscated :( )

TIA.

Trojan.Pakes.cdk - DNSclient.dll (exe)

looks to me as a homemade packer, do you have any more samples ? :)

AV's said its: Trojan.Pakes.cdk

Is this DNSclient static

Is this DNSclient static name?

If so,one here and quite the elusive little rascal.

yup its "hardcoded" :)

yup its "hardcoded" :)

4u http://www.offensivecomput

4u
http://www.offensivecomputing.net/?q=ocsearch&ocq=226e19d0acc41cf27b2ea327cabb1e06

Most likely, it is an aPlib

Most likely, it is an aPlib compression library (free for non-commercial usage)

thanks.

will look at it.
[edit] ECk you were absolutely, perfectly right. thanks a lot. I owe you one :)