What's new

Welcome to HvH Forum!

SignUp Now! Download Free HvH CS:GO Cheats, CFG, LUA/JS Scripts, And More!


SignUp Now!
Yes please!
User ID
23347
Messages
14
Reactions
8
Level
6
Arctic.tech is a new free cheat in dll.

Im not sure but when reversing the unpacked (upx packed) dll. I saw python, connecting to ip, vt
(mb false inf idk orcusrat and malware): https://www.virustotal.com/gui/file...7241334d7c1badfdd376f0f6004e27783bb9a272f086/

And this is only packed version. But you dont really need to unpack it, also its perfecthook
(github search: ).

Conclusion: The cheat is pasted from an old hack but fixed and a lot better, meanwhile connecting to an ip, executing python, detecting debug softwares.
Its doing smth in java. This does not make the cheat a rat or malware but really acts like one.

Registry Keys Deleted​

\REGISTRY\A\{77e7cc7c-ef64-f0c4-295f-c52413119073}\Root\InventoryApplicationFile\PermissionsCheckTestKey
image.png

image.png

image.png
 
Last edited by a moderator:
I'm not Plisskien
Administrator
User ID
1
Messages
1,193
Reactions
3,734
Level
99
Arctic.tech is a new free cheat in dll.

Im not sure but when reversing the unpacked (upx packed) dll. I saw python, connecting to ip, vt (mb false inf idk orcusrat and malware): https://www.virustotal.com/gui/file...7241334d7c1badfdd376f0f6004e27783bb9a272f086/

And this is only packed version. But you dont really need to unpack it, also its perfecthook (github search: ).

Conclusion: The cheat is pasted from an old hack but fixed and a lot better, meanwhile connecting to an ip, executing python, detecting debug softwares.
Its doing smth in java. This does not make the cheat a rat or malware but really acts like one.

Registry Keys Deleted​



  • \REGISTRY\A\{77e7cc7c-ef64-f0c4-295f-c52413119073}\Root\InventoryApplicationFile\PermissionsCheckTestKey
    image.png
    image.png
    image.png
coule u provide sample?
 
Yes please!
User ID
23347
Messages
14
Reactions
8
Level
6
packed dll
 

Password for .zip file is hvh.net

  • ArcticTech.zip
    1.6 MB · Views: 28
I'm not Plisskien
Administrator
User ID
1
Messages
1,193
Reactions
3,734
Level
99
packed dll
This DLL is not packed, also seems to be safe, but entropy is a bit high in two sections of this PE.
Also keep in mind that any website like VT will include all other applications that are running in background (windows native applications), thus looking at these behaviors for DLL file is not good idea, it will be only suitable for normal exe file that is not requiring other process like CS to run.

P.S I zipped file
 
Rookie HvHer
User ID
38240
Messages
141
Reactions
20
Level
20
This DLL is not packed, also seems to be safe, but entropy is a bit high in two sections of this PE.
Also keep in mind that any website like VT will include all other applications that are running in background (windows native applications), thus looking at these behaviors for DLL file is not good idea, it will be only suitable for normal exe file that is not requiring other process like CS to run.

P.S I zipped file
can i use it ?
 
COCABOSS2017
User ID
34152
Messages
13
Reactions
4
Level
6
theres a public source avaiable on yg, therefore i didn't deeply look into the source only besides the fact thats pasted airflow.su lol
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Top