Whats up with this guy ??

Discussion in 'General Discussion' started by Microsoft, Feb 18, 2015.

  1. Microsoft

    Microsoft Well-Known Member Legacy

    Messages:
    2,361
    Likes:
    2,512
    Ratio:
    1.44
    A guy from the forums called Desmond88 asks me to remove NetSeal from his file.
    He then sends me an setup.exe file, and the file itself hides..
    After installing, the program tiself opens NetSeal..

    Seems very fake, especialy since its hidden after run.
    I think he ratting people.


    PM Confirmation: http://gyazo.com/17b...d4387d2071cb54f

    Malware Scan: https://malwr.com/an...WYyNzg3MWRlZTE/
    Code:
    Select All
    Hi iam desmond von CC [11:17:18 PM] *** -Microsoft- ™ would like to add you on Skype Hi Oesterhase, I'd like to add you as a contact. *** [11:17:22 PM] -Microsoft- ™: hi mate [11:18:18 PM] *** Oesterhase has shared contact details with -Microsoft- ™. *** [11:18:31 PM] Oesterhase: you can crack ImminentMonitor? [11:18:42 PM] -Microsoft- ™: Hi [11:18:43 PM] -Microsoft- ™: its netseal ? [11:18:45 PM] Oesterhase: yes [11:18:51 PM] -Microsoft- ™: sent it over [11:18:52 PM] -Microsoft- ™: or link me [11:19:16 PM] Oesterhase: https://www.dropbox.com/s/ng5mmau5ljx51pe/setup.zip?dl=0 [11:19:35 PM] -Microsoft- ™: what does this program do bro? [11:19:39 PM] Oesterhase: ist a RAT [11:19:53 PM] Oesterhase: with good functions ... [11:20:01 PM] -Microsoft- ™: o lol [11:20:01 PM] -Microsoft- ™: k [11:20:19 PM] Oesterhase: i have lifetime but its shit to Need netseal [11:21:19 PM] -Microsoft- ™: okj [11:21:22 PM] -Microsoft- ™: il crack it now [11:21:22 PM] -Microsoft- ™: [11:21:26 PM] Oesterhase: ok good luck:) [11:21:30 PM] -Microsoft- ™: thanks [11:22:03 PM] -Microsoft- ™: so uhm [11:22:10 PM] -Microsoft- ™: the installed program is the RAT? [11:23:41 PM] -Microsoft- ™: hello? [11:23:53 PM] -Microsoft- ™: lol [11:24:07 PM] Oesterhase: yes [11:25:02 PM] -Microsoft- ™: idont get it tho lol [11:25:12 PM] -Microsoft- ™: why does it ask for netseal if its a rat [11:25:29 PM] Oesterhase: i dont know [11:25:41 PM] Oesterhase: i ask me this too [11:25:54 PM] -Microsoft- ™: k [11:25:57 PM] -Microsoft- ™: almost done [11:25:58 PM] -Microsoft- ™: [11:26:05 PM] Oesterhase: so fast [11:26:09 PM] -Microsoft- ™: ye easy af [11:26:09 PM] -Microsoft- ™: lol [11:26:21 PM] -Microsoft- ™: but uhm [11:26:26 PM] -Microsoft- ™: the program has a gui and stuff [11:26:29 PM] -Microsoft- ™: its just fake, right? [11:26:34 PM] Oesterhase: how? [11:26:40 PM] -Microsoft- ™: no i mean [11:26:46 PM] -Microsoft- ™: what is it ? [11:27:13 PM] Oesterhase: sry i from netherlands dont know what you mean [11:27:19 PM] -Microsoft- ™: lol [11:27:21 PM] -Microsoft- ™: ik ook XD [11:27:28 PM] Oesterhase: [11:28:11 PM] -Microsoft- ™: dit si wel een aparte exe [11:28:11 PM] -Microsoft- ™: lol [11:28:58 PM] Oesterhase: ah i dont know [11:29:07 PM] Oesterhase: iam not Software coder [11:29:22 PM] -Microsoft- ™: dude je bent nog nederlands? [11:29:22 PM] -Microsoft- ™: lol [11:29:26 PM] -Microsoft- ™: toch* [11:29:43 PM] Oesterhase: ja ja [11:29:53 PM] Oesterhase: is het omdat [11:31:36 PM] -Microsoft- ™: deze netseal is verstopt denk ik [11:31:37 PM] -Microsoft- ™: lol [11:31:55 PM] Oesterhase: Dus het werkt niet ? [11:32:02 PM] -Microsoft- ™: uhm [11:32:05 PM] -Microsoft- ™: i kan hem niet vinden nee [11:32:05 PM] -Microsoft- ™: ;( [11:32:28 PM] Oesterhase: ok laat maar niet zo belangrijk [11:33:14 PM] Oesterhase: wat heb je al gekraakt door toeval of goed crypter of paypal checker checker lol [11:33:29 PM] -Microsoft- ™: heh? [11:35:58 PM] -Microsoft- ™: heb je nog meer apps? [11:35:59 PM] -Microsoft- ™: lol [11:37:18 PM] Oesterhase: moment [11:37:33 PM] Oesterhase: https://www.dropbox.com/s/ualoyuttcq7zm6d/CyberSeal%20Protector.rar?dl=0 [11:37:39 PM] Oesterhase: a crypter [11:38:00 PM] -Microsoft- ™: brb [11:38:12 PM] Oesterhase: Kun je jezelf bovenstaande code , dus bijvoorbeeld zaken als paypal checker ? [11:38:34 PM] -Microsoft- ™: Dude, your using a translator? [11:38:34 PM] -Microsoft- ™: lol [11:39:18 PM] Oesterhase: no i not living Long time in netherlands, Born in Germany [11:39:26 PM] Oesterhase: you listen this so good? [11:39:33 PM] -Microsoft- ™: its bad dutch [11:39:33 PM] -Microsoft- ™: lol [11:39:51 PM] Oesterhase: dutch? [11:39:55 PM] -Microsoft- ™: ye [11:40:05 PM] Oesterhase: you mean deutsch? [11:40:08 PM] -Microsoft- ™: nono [11:40:09 PM] -Microsoft- ™: dutch [11:40:11 PM] -Microsoft- ™: Holland lol [11:40:30 PM] Oesterhase: to Long wake up [11:40:56 PM] -Microsoft- ™: lets just stick to englsih plz [11:40:56 PM] -Microsoft- ™: lol [11:41:01 PM] Oesterhase: ok [11:41:02 PM] -Microsoft- ™: btw [11:41:05 PM] -Microsoft- ™: you ratted me ? [11:42:38 PM] -Microsoft- ™: after i ran the installation, it disappeared. [11:43:04 PM] Oesterhase: ratted? [11:43:36 PM] Oesterhase: ah this you mean no [11:43:39 PM] Oesterhase: that is normal [11:43:50 PM] -Microsoft- ™: lol [11:43:56 PM] -Microsoft- ™: i know about RATS [11:43:59 PM] -Microsoft- ™: when they launch [11:44:06 PM] -Microsoft- ™: the hide themselves. [11:44:13 PM] -Microsoft- ™: and that's what happened at the first stage. [11:44:25 PM] Oesterhase: I dont infect you that is the Setup exe how i bought they! [11:45:01 PM] -Microsoft- ™: alrighgt. [11:45:08 PM] -Microsoft- ™: Your miles on crackingcore right? [11:45:25 PM] Oesterhase: what is miles? [11:45:59 PM] -Microsoft- ™: iment [11:46:00 PM] -Microsoft- ™: miles [11:46:04 PM] -Microsoft- ™: your miles from CC right? [11:46:17 PM] -Microsoft- ™: Can you please sent me a message on the site with the download link you gave me (heart) [11:46:19 PM] Oesterhase: i dont what is means with miles [11:46:22 PM] -Microsoft- ™: thanks (heart) [11:46:28 PM] Oesterhase: mom [11:46:58 PM] -Microsoft- ™: your german right?> [11:47:08 PM] Oesterhase: yes [11:47:17 PM] Oesterhase: http://www.imminentmethods.info/ [11:47:33 PM] -Microsoft- ™: Schickte mir eine Nachricht auf crackingcore [11:47:49 PM] Oesterhase: was ist los? [11:48:09 PM] -Microsoft- ™: ...... [11:48:09 PM] -Microsoft- ™: Schickte mir eine Nachricht auf crackingcore [11:48:20 PM] -Microsoft- ™: Nur um seine bestätigen [11:48:33 PM] Oesterhase: wenn du mir nicht glaubst tue ich das [11:48:46 PM] Oesterhase: your Name again? [11:48:52 PM] -Microsoft- ™: Microsoft Windows [11:48:52 PM | Edited 11:48:58 PM] -Microsoft- ™: Fügen Sie Ihrem Download-Link für dieses Programm bitte [11:49:06 PM] -Microsoft- ™: https://cracking.org/user/34657-microsoft-windows/ [11:49:53 PM] Oesterhase: done [11:50:46 PM] Oesterhase: why should infect you? [11:51:46 PM] -Microsoft- ™: nonono [11:51:50 PM] -Microsoft- ™: the link you gave me [11:51:53 PM] -Microsoft- ™: the dropbox please [11:52:02 PM] -Microsoft- ™: please put that into the message on crackingcore [11:52:09 PM] Oesterhase: where is your Problem? [11:52:16 PM] Oesterhase: this is the same file [11:52:21 PM] -Microsoft- ™: i don't care lol [11:52:28 PM] Oesterhase: if you are coder you see this! [11:52:29 PM] -Microsoft- ™: just provide the same link please on crackingcore [11:52:36 PM] Oesterhase: no i have no time for this shit! [11:52:39 PM] -Microsoft- ™: if your not ratting me, you will do this. [11:52:50 PM] Oesterhase: -.- [11:54:00 PM] -Microsoft- ™: dude [11:54:04 PM] -Microsoft- ™: why would a rat use netseal [11:54:04 PM] -Microsoft- ™: lol [11:54:43 PM] Oesterhase: i dont know [11:54:57 PM] Oesterhase: I knew ES So far so also not
     
    Slippy likes this.
  2. Slippy

    Slippy New Member

    Messages:
    105
    Likes:
    3
    Ratio:
    0
    an e-whoring skype bot makes more sense than him :)
     
  3. Animal

    Animal Well-Known Member Retired Staff

    Messages:
    2,013
    Likes:
    1,603
    Ratio:
    2.05
  4. Fluxify

    Fluxify Basic Member

    Messages:
    970
    Likes:
    383
    Ratio:
    0.62
    The Imminent setup file isn't infected. I ran it, and the file is still on my desktop. I don't think you were ratted @ Microsoft Windows.
     
  5. Microsoft

    Microsoft Well-Known Member Legacy

    Messages:
    2,361
    Likes:
    2,512
    Ratio:
    1.44
    Thanks for providing a revieuw of the file.
     

Share This Page