SyncFuture Spyware's Clever Avast Evasion: GUI Tricks to Bypass IDP Exclusions in China-to-India Campaign

Logic can save me; why does displaying a tax report necessitate executing an executable?
You will say the exe is disguised as a PDF; okay, why not right-click the file to check its properties in two seconds?
In Windows Explorer would enabling by default, View/Show/File name extensions, also work, or not in this case you all are talking about?
 
Both can work, but as I very rarely download files from email messages, viewing file extensions all the time would be unfeasible.

File properties will do the job on such rare occasions.
 
What is your take, good or bad? Just curious. All I got out of that was the code was deeply obfuscated.
Good mostly. I just wanted to show you and others why sometimes Malwarebytes or its extension gets flagged by AVs because of its extreme obfuscation.
 
Malwarebytes and AVG ultimate will always have a place in my heart.
 