
JAVA Malicious Code Analysis Request

Name: Anonymous 2013-05-21 17:28

So, I came into contact with a probably malicious file. I was able to find the .jar file and could decompile it with JD-GUI. Here's the source code I got:

http://pastebin.com/1f453jSE

Does anyone know EXACTLY what it is doing?
It seems to be copying, editing Windows registry files; what can be done with them?

Infinite thanks if someone helps :)

Name: Anonymous 2013-05-22 22:55

I've done this because I can. OP, this is the source of the program, minus JNA, decompiled, deobfuscated, and made slightly more readable.

http://www.4shared.com/zip/NCfgc2RQ/prog-thing-src.html

You can probably tell, it's installing browser addons and shoving itself into the 'run' key in the registry.

Also, I did the same for the browser extensions it bundles.
