Legacy jade dynasty private server6/23/2023 ![]() ![]() So, in reality, all it does is send an e-mail using Gmail. It will then display a page with a button, which just gives an error when clicked upon. If the e-mail is send succesfully, it will display that the server was installed succesfully: Going through the code, I can confirm that the only thing it does, is to send an e-mail (more on that later). When you run the application, it initially doesn't do anything until you get to the login-page. In fact, it uses a plugin to handle the mail sending, which I suppose is the reason why this tool was chosen in the first place. ![]() Being built in AMS, it's far from real programming. There are some image files included, including Pyre Fierceshot renamed as "Kyle":Īt this point, we don't see anything special - however, with my unpacking, I was able to go through the code of the application. I went ahead and unpacked the malware, which is in reality just a AutoPlay Media Studio application which is used to build interactive CD-menus (when that was still relevant). ![]() This has been written with the single purpose of collecting login information about Guild Wars accounts. With my analyzing of the malware, I can verify that it doesn't contain anything else like a private server or does anything even close like it reports to. It also contains a few images, which you can see when the tool runs, and some that aren't used. The reason why this file is so large, is because it contains a video (containing a trailer for GW) which is 82.7 MB big. The malware itself presents itself as a 92 MB file, but in reality it's about 10 MB big. So, this will be the final write-up I hope about the malware. ![]()
0 Comments
Leave a Reply. |