Hello guys. I am not complaining against sobfox, but his Samp Sobfox Asi seems to have some injected malware in it.
I asked him about it in Discord, but I was banned suddenly without any response and my messages were deleted at once.
The VirusTotal report: https://www.virustotal.com/gui/file...67fb22baf8ae5a238fc4016693937c312088/behavior
The most suspicious one is -
Defense Evasion TA0005
Rundll32 T1218.011
Runs a DLL by calling functions
Virtualization/Sandbox Evasion T1497
Sample may be VM or Sandbox-aware, try analysis on a native machine
Checks if the current process is being debugged

Credential Access TA0006
Input Capture T1056
Creates a DirectInput object (often for capturing keystrokes)

Discovery TA0007
System Information Discovery T1082
Tries to detect virtualization through RDTSC time measurements
Queries the volume information (name, serial number etc) of a device
Reads software policies
Virtualization/Sandbox Evasion T1497
Sample may be VM or Sandbox-aware, try analysis on a native machine
Checks if the current process is being debugged
Security Software Discovery T1518.001
Tries to detect virtualization through RDTSC time measurements
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)
AV process strings found (often used to terminate AV products)
Checks if the current process is being debugged

Collection TA0009
Input Capture T1056
Creates a DirectInput object (often for capturing keystrokes)

Command and Control TA0011
Application Layer Protocol T1071
Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic.
@SobFoX I am not complaining. I don't know if it's a false positive. Please forgive me if it's wrong and explain it to me.