Monday, July 28, 2008

eMule v0.48a eXcalibur v1.81





000000  4D 5A 43 5E  03 00 00 00  04 00 00 00  FF FF 00 00  MZC^........ÿÿ..
000010 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ¸.......@.......
000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000030 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 ................
000040 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 ..º..´.Í!¸.LÍ!Th
000050 69 73 20 69 73 20 65 4D 75 6C 65 20 76 30 2E 34 is is eMule v0.4
000060 38 61 20 65 58 63 61 6C 69 62 75 72 20 31 2E 38 8a eXcalibur 1.8
000070 31 20 4D 6F 44 0D 0D 0A 24 00 00 00 00 00 00 00 1 MoD
...$.......
000080 68 39 C3 77 2C 58 AD 24 2C 58 AD 24 2C 58 AD 24 h9Ãw,X­$,X­$,X­$
000090 29 54 CD 24 D8 58 AD 24 29 54 F2 24 33 59 AD 24 )TÍ$ØX­$)Tò$3Y­$
0000A0 D6 7B B4 24 2A 58 AD 24 F6 7B B1 24 2D 58 AD 24 Ö{´$*X­$ö{±$-X­$
0000B0 3F 50 F0 24 2E 58 AD 24 AF 50 F0 24 35 58 AD 24 ?Pð$.X­$¯Pð$5X­$
0000C0 2C 58 AC 24 9F 5A AD 24 3F 50 C4 24 9B 58 AD 24 ,X¬$ŸZ­$?PÄ$›X­$
0000D0 AF 50 F2 24 EC 58 AD 24 29 54 A2 24 1B 58 AD 24 ¯Pò$ìX­$)T¢$.X­$
0000E0 29 54 C9 24 D2 58 AD 24 C0 53 F3 24 2D 58 AD 24 )TÉ$ÒX­$ÀSó$-X­$
0000F0 29 54 F7 24 2D 58 AD 24 52 69 63 68 2C 58 AD 24 )T÷$-X­$Rich,X­$
000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000110 50 45 00 00 4C 01 04 00 93 B5 7D 48 00 00 00 00 PE..L...“µ}H....
000120 00 00 00 00 E0 00 0F 01 0B 01 07 0A 00 E0 19 00 ....à........à..
000130 00 E0 00 00 00 00 4E 00 00 D0 68 00 00 10 4E 00 .à....N..Ðh...N.
000140 00 F0 67 00 00 00 40 00 00 10 00 00 00 02 00 00 .ðg...@.........
000150 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 ................
000160 00 E0 68 00 00 10 00 00 00 00 00 00 02 00 00 00 .àh.............
000170 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 ................
000180 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ................
000190 70 C6 68 00 68 03 00 00 00 F0 67 00 70 D6 00 00 pÆh.h....ðg.pÖ..
0001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0001B0 D8 C9 68 00 0C 00 00 00 00 00 00 00 00 00 00 00 ØÉh.............
0001C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0001F0 DC 1E 39 00 80 00 00 00 00 00 00 00 00 00 00 00 Ü.9.€...........
000200 00 00 00 00 00 00 00 00 2E 74 65 78 74 00 A8 88 .........text.¨ˆ
000210 00 00 4E 00 00 10 00 00 00 00 00 00 00 04 00 00 ..N.............
000220 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 C0 ............@..À
000230 2E 64 61 74 61 00 A8 88 00 E0 19 00 00 10 4E 00 .data.¨ˆ.à....N.
000240 00 DA 19 00 00 04 00 00 00 00 00 00 00 00 00 00 .Ú..............
000250 00 00 00 00 40 00 00 C0 2E 72 73 72 63 00 00 00 ....@..À.rsrc...
000260 00 E0 00 00 00 F0 67 00 00 DA 00 00 00 DE 19 00 .à...ðg..Ú...Þ..
000270 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 C0 ............@..À
000280 2E 63 52 69 54 00 A8 88 00 10 00 00 00 D0 68 00 .cRiT.¨ˆ.....Ðh.
000290 54 03 00 00 00 B8 1A 00 00 00 00 00 00 00 00 00 T....¸..........
0002A0 00 00 00 00 40 00 00 C0 00 00 00 00 00 00 00 00 ....@..À........
0002B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0002C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0002D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0002E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0002F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000300 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000310 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000320 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000340 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000350 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000360 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000370 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000390 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0003A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0003B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0003C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0003D0 00 00 00 00 00 00 00 00 00 00 00 4A 75 73 74 20 ...........Just
0003E0 46 75 4E 21 0C 09 05 0A E4 F8 53 ED 84 DC F4 FA FuN!
....äøSí„Üôú

image emule.exe Worm, Trojan, Spyware?
Upx-Lock 1.0 - 1.2 --> CyberDoom / Team-X & BoB / BobSoft
packers (Kaspersky): PE_Patch, UPX
http://www.virustotal.com/de/analisis/3e92565a286ed29610eb7074bdd1efc0
Result: 9/35 (25.71%)

Original with UPX and UPX lock scrambled + Header modificated. The MSDOS Stub replaced
eMule_v0.48a_eXcalibur_v1.81.7z 2.71 MB
ed2k link:
eMule_v0.48a_eXcalibur_v1.81.7z
eMule_v0.48a_eXcalibur_v1.8.7z
eMule_v0.48a_eXcalibur_v1.71.7z

Clean (unpacked) all scramble crap removed clean recomp. no protection or packer used:

eMule v0.48a eXcalibur 1.81 Modded By 风之痕 [ http://fzh.soft2cn.cn/ ]
Private Edition For Personal Use, Please Do NOT Redistribute. Thanks.
私用版本, 不在公众渠道发布, 请获得的骡友也不要散发. 谢谢.
eMule Project: http://www.emule-project.net/
eMule is eMule, not eDonkey or Overnet. (-..-)

Download:

Chinese Version eMule_v0.48a_eXcalibur_v1.81-chn-clean.7z 2.52 MB

English Version eMule_v0.48a_eXcalibur_v1.81-eng-clean.7z 2.52 MB

emule.exe only english
ms dos stub replaced with a valid one:
eMulenew1.exe 4.32 MB

AntiVirus test results 0/35 (0%):
File size: 4534272 bytes
MD5...: 840c3664f7ad87c192985b2d69e2e67f
SHA1..: f0351ade16e0db6770f3d13c59a4ddb1ebabcd26
http://www.virustotal.com/de/analisis/e6fa5749a71fbddfe3fb2628f3e199cb

For Worldwide VeryCD users

No comments:

Post a Comment