Author Topic: password protected rar files ?  (Read 4239 times)

0 Members and 1 Guest are viewing this topic.

September 03, 2009, 07:40:07 pm
Read 4239 times

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
hi @all

http://support.clean-mx.de/clean-mx/viruses.php?md5=7de2f0dc2d313fe1b875f35d97e442d0&sort=id%20desc

and all similar files like these ones:

http://support.clean-mx.de/clean-mx/viruses.php?md5=defed34aab32448ace50c74c07be40f2&sort=id%20desc

are all password protected rar files...

any glue ?
Update here link for all these rars: http://support.clean-mx.de/clean-mx/viruses.php?virusname=unknown_arch_rar&sort=id%20desc
Code: [Select]

ls -la ../output.175850.txt
-rw-r--r-- 1 root root 580372 2009-09-03 10:29 ../output.175850.txt



 unrar-free --list ../output.175850.txt

Pathname/Comment
                  Size   Packed Ratio  Date   Time     Attr      CRC   Meth Ver
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
    0                0        0 nan%

September 04, 2009, 01:45:41 pm
Reply #1

RS-232

  • Special Access
  • Sr. Member

  • Offline
  • *

  • 165
As a guess in the wild,i'd probably grab the main "pc antispyware 2010/braviax/whatever" executable and debug it,
because trying via rar password cracking apps will probably take ages,at least according with my past experiences...
Only for the "fun" of it...rs-232 aka sowhat-x aka younameit ;-)
http://www.youtube.com/watch?v=fADjY97_KTw

September 04, 2009, 01:54:44 pm
Reply #2

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
fine !

good luck !

-- gerhard

September 17, 2009, 08:46:32 pm
Reply #3

bobby

  • Special Members
  • Hero Member

  • Offline
  • *

  • 322
    • Malzilla
If that are files from bots, you may try password "1" (without quotes).

September 17, 2009, 10:41:19 pm
Reply #4

Dobby

  • Special Access
  • Newbie

  • Offline
  • *

  • 3
Hey bobby,

The password ended up being "abcd012345efgh".  See this: http://www.malwaredomainlist.com/forums/index.php?topic=3319.msg11868