[tangerina]

You must be registered for see links

The steps to inject from what i know is to inject lua21 into csgo, then infinite.dll.
This geniunely seems like a good pasta but I have no idea whether to inject or not.

 

[Zordon]

i don't have good experience with malware analysis but it looks sus for me



i would assume its for luas but you never know


why?


if you want better analysis ask mods because they are better at doing that

 

[tangerina]

tyvm man

 

[tangerina]

i don't have good experience with malware analysis but it looks sus for me
View attachment 6581


i would assume its for luas but you never know
View attachment 6582

why?
View attachment 6584

if you want better analysis ask mods because they are better at doing that

do i ask them in private?

 

[Zordon]

do i ask them in private?

idk, never asked them. You can just ask them in dm's or mention them but they will see this thread anyways probably

 

[Adurit]

its safe

 

[Giuseppe]

its safe

It is safe but it's not a real cheat, it is a troll, he sent a post for approval, when I injected the cheat in a virtual machine it just started opening rick roll on chrome and spam magnifier in 200%

 

[Giuseppe]

idk, never asked them. You can just ask them in dm's or mention them but they will see this thread anyways probably

 

[Zordon]

It is safe but it's not a real cheat, it is a troll, he sent a post for approval, when I injected the cheat in a virtual machine it just started opening rick roll on chrome and spam magnifier in 200%

that explains ShellExecute lmao

 

[Adurit]

i hope this shit doesnt have a miner

 

[uitecumarde]

oh lmaoo

 

[Giuseppe]

i hope this shit doesnt have a miner

All safe made an extensive analysis on the virtual machine and no traces left behind after rebooting the system (shell:startup | regedit | temp | services | prefetch | windows folder | process hollowing | etc). It does use internet connection so maybe it gets all the data from the victim and sends it to the their server without leaving any traces so that people thinks its just a troll and not an actual malware, but anyways don't inject that

 

[Giuseppe]

haha just analysed it today again and found this, so yeahh don't run that shit, my point was correct it leaves no traces and just send all information needed

 

[Giuseppe]

checked the webhook status today and it was deleted

 

[Adurit]

checked the webhook status today and it was deleted

so they have my data?

 

[Giuseppe]

so they have my data?

why would you ran it at the first place????? the post is literally called "Could anyone verify this dll's safety?"...

 

[Adurit]

why would you ran it at the first place????? the post is literally called "Could anyone verify this dll's safety?"...

idk im ed (should i reset my passwords)

 

[Giuseppe]

if you look at what's being sent it is the {text} which if you look a bit above is C:\User\Lenovo\source\repos\Infinite.new\ImGui\img and ui.h, it doesn't look like something malicious

 

[Giuseppe]

idk im ed (should i reset my passwords)

I don't know, it doesn't look like spooky things were being sent to their webhook but who knows and I'm not spending any more time analysing this troll application

 

[dardabo]

why would you ran it at the first place????? the post is literally called "Could anyone verify this dll's safety?"...

if nothing visually happens, it's safe.