I'm not Plisskien
Administrator
Reborn Loader is not a safe file to use; one of our users made a new thread with it. I wouldn't make this thread, but as far as I can see this loader is even popular software...


Overall, Reborn Loader works as a normal cheat loader: it will download a file from GitHub.com and inject it (as you can see down below).
[Screenshot]

There are a few extra things that caught my attention. All these things, in my opinion, clearly indicate that Reborn Loader is a RAT: it will steal all browser passwords and disable Microsoft Defender/Anti Spyware via the registry; it will also write data to a remote process, and is able to take screenshots.

1. Tries to disable Windows Defender/Anti Spyware.
[Screenshots]

Here we can see all the processes from this loader; we can clearly see Reborn Loader is trying to disable Windows Defender/Anti Spyware!
[Screenshot]

2. Tries to steal sensitive information: history, tokens, metadata etc. (file access)
[Screenshots]

3. Calls an API possibly used to take screenshots
[Screenshot]

There is no point in disabling Windows Defender/Anti Spyware in a cheat loader; you can do it manually if you know that the loader is trusted software. Also, Reborn Loader is touching files which are sensitive; there is no point in checking the Edge folder with all the information about sessions, history, metadata etc... I also can't explain why there is an imported API used to take screenshots. All these things indicate that Reborn Loader is malware. I downloaded the official version of this loader from the Telegram channel to check it: same thing. Everything that was included in the forum version is also included in the official version. Don't use this loader if you want to keep all your data safe! If you have launched this software, reinstall your Windows, and later change all passwords! Don't use any antivirus software, I would recommend reinstalling your OS instead!

Sources:

Hash: 74ea2c9c1aae0f67f22b5cdcd1261ea39252cb4c2a4219da014f364cac2b42c8

Hybrid-Analysis

VirusTotal:
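
The post above argues that the three behaviours together, rather than any one alone, mark the loader as a stealer/RAT. The sketch below is an added example, not part of the original post or any sandbox's own code: it applies that reasoning to constructed behaviour events. The event format, the process name loader.exe and the indicator lists are assumptions.

```python
import re

# Indicator definitions assumed for this example (not from the post's reports).
DEFENDER_KEY = r"software\policies\microsoft\windows defender"
DEFENDER_VALUES = {"disableantispyware", "disablerealtimemonitoring"}
BROWSER_STORE = re.compile(
    r"\\user data\\[^\\]+\\(network\\)?(login data|cookies|history|web data)$")
BROWSER_PROCS = {"msedge.exe", "chrome.exe", "brave.exe"}
SCREEN_APIS = {"bitblt", "printwindow"}

def classify(event):
    """Return the indicator category for one sandbox event, or None."""
    kind = event["type"]
    if kind == "reg_write":
        # Only a write that switches protection off (data == 1) counts.
        if (DEFENDER_KEY in event["key"].lower() and event["data"] == 1
                and event["value"].lower() in DEFENDER_VALUES):
            return "defender_tamper"
    elif kind == "file_read":
        # A browser reading its own profile is normal; another process is not.
        if (event["process"].lower() not in BROWSER_PROCS
                and BROWSER_STORE.search(event["path"].lower())):
            return "browser_data_access"
    elif kind == "api_import" and event["name"].lower() in SCREEN_APIS:
        return "screen_capture_api"
    return None

def triage(events):
    """Group matching events by category and flag co-occurring categories."""
    hits = {}
    for ev in events:
        cat = classify(ev)
        if cat:
            hits.setdefault(cat, []).append(ev)
    # One category alone is weak (BitBlt is common); two or more is the signal.
    return {"categories": sorted(hits), "flagged": len(hits) >= 2, "evidence": hits}

# Constructed sample events, not the real report for the hash in the post.
EDGE = r"C:\Users\u\AppData\Local\Microsoft\Edge\User Data\Default"
SAMPLE = [
    {"type": "reg_write", "process": "loader.exe", "value": "DisableAntiSpyware",
     "data": 1, "key": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"},
    {"type": "file_read", "process": "loader.exe", "path": EDGE + r"\Login Data"},
    {"type": "file_read", "process": "msedge.exe", "path": EDGE + r"\History"},
    {"type": "api_import", "process": "loader.exe", "name": "BitBlt"},
]

if __name__ == "__main__":
    print(triage(SAMPLE)["categories"], triage(SAMPLE)["flagged"])
```

The Edge process reading its own History file is deliberately not counted, and a lone screen-capture import does not raise the flag.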
 
I'm not Plisskien
Administrator
its safe bro(
The owner of this loader contacted me, trying to explain everything, but even if this loader is safe, it can be very easily exploited by the dev. I'm just trying to say that the loader does too many things that it shouldn't do, and imo it makes no sense at all.
 
Rookie HvHer
Got banned from RebornLoader server for sayin the truth ab this 💀
 
Newbie HvHer
The owner of this loader contacted me, trying to explain everything, but even if this loader is safe, it can be very easily exploited by the dev. I'm just trying to say that the loader does too many things that it shouldn't do, and imo it makes no sense at all.
translate
 
Newbie HvHer
The owner of this loader contacted me, trying to explain everything, but even if this loader is safe, it can be very easily exploited by the dev. I'm just trying to say that the loader does too many things that it shouldn't do, and imo it makes no sense at all.
To be offended by the fact that he insulted the Russians, and post this topic✅
 
Administrator
This is quite obviously malware made by someone incompetent. When will people learn that most of these free "multi cheat loaders" are spyware? Just go download the cheat .dlls yourself, it's not that hard.
 
