Could anyone verify this dll's safety?

tangerina · 5/18/24

You must be registered for see links

The steps to inject from what i know is to inject lua21 into csgo, then infinite.dll.
This geniunely seems like a good pasta but I have no idea whether to inject or not.

Zordon · 5/18/24

i don't have good experience with malware analysis but it looks sus for me

i would assume its for luas but you never know

why?

if you want better analysis ask mods because they are better at doing that

tangerina · 5/18/24

tyvm man

tangerina · 5/18/24

Zordon said:
i don't have good experience with malware analysis but it looks sus for me
View attachment 6581

i would assume its for luas but you never know
View attachment 6582

why?
View attachment 6584

if you want better analysis ask mods because they are better at doing that

do i ask them in private?

Zordon · 5/18/24

tangerina said:
do i ask them in private?

idk, never asked them. You can just ask them in dm's or mention them but they will see this thread anyways probably

Adurit · 5/18/24

its safe

Giuseppe · 5/18/24

Adurit said:
its safe

It is safe but it's not a real cheat, it is a troll, he sent a post for approval, when I injected the cheat in a virtual machine it just started opening rick roll on chrome and spam magnifier in 200%

Giuseppe · 5/18/24

Zordon said:
idk, never asked them. You can just ask them in dm's or mention them but they will see this thread anyways probably

Zordon · 5/19/24

Giuseppe said:
It is safe but it's not a real cheat, it is a troll, he sent a post for approval, when I injected the cheat in a virtual machine it just started opening rick roll on chrome and spam magnifier in 200%

that explains ShellExecute lmao

Adurit · 5/19/24

i hope this shit doesnt have a miner

uitecumarde · 5/19/24

Giuseppe said:

oh lmaoo

Giuseppe · 5/19/24

Adurit said:
i hope this shit doesnt have a miner

All safe made an extensive analysis on the virtual machine and no traces left behind after rebooting the system (shell:startup | regedit | temp | services | prefetch | windows folder | process hollowing | etc). It does use internet connection so maybe it gets all the data from the victim and sends it to the their server without leaving any traces so that people thinks its just a troll and not an actual malware, but anyways don't inject that

Giuseppe · 5/19/24

haha just analysed it today again and found this, so yeahh don't run that shit, my point was correct it leaves no traces and just send all information needed

Giuseppe · 5/19/24

checked the webhook status today and it was deleted

Adurit · 5/19/24

Giuseppe said:
checked the webhook status today and it was deleted

so they have my data?

Giuseppe · 5/19/24

Adurit said:
so they have my data?

why would you ran it at the first place????? the post is literally called "Could anyone verify this dll's safety?"...

Adurit · 5/19/24

Giuseppe said:
why would you ran it at the first place????? the post is literally called "Could anyone verify this dll's safety?"...

idk im ed (should i reset my passwords)

Giuseppe · 5/19/24

if you look at what's being sent it is the {text} which if you look a bit above is C:\User\Lenovo\source\repos\Infinite.new\ImGui\img and ui.h, it doesn't look like something malicious

Giuseppe · 5/19/24

Adurit said:
idk im ed (should i reset my passwords)

I don't know, it doesn't look like spooky things were being sent to their webhook but who knows and I'm not spending any more time analysing this troll application

dardabo · 5/19/24

Giuseppe said:
why would you ran it at the first place????? the post is literally called "Could anyone verify this dll's safety?"...

if nothing visually happens, it's safe.

Could anyone verify this dll's safety?

Newbie HvHer

Expert HvHer

Newbie HvHer

Newbie HvHer

Expert HvHer

‎

Wine Lover

Wine Lover

Expert HvHer

‎

Newbie HvHer

Wine Lover

Wine Lover

Wine Lover

‎

Wine Lover

‎

Wine Lover

Wine Lover

Rookie HvHer

Similar threads

Privacy & Transparency

Privacy & Transparency