Deobfuscating a RAT which sends information to webhook.

Wondering if there is a way to deobfuscate this Minecraft RAT that sends information to a discord webhook once it is run (ssid, hwid, ip, os, passwords, etc.). The obfuscated part is located in the 3 DLL’s that are inside of the .jar file. If there is a way to deobfuscate these .DLL’s then please respond with a tutorial and how to. I’m pretty confident that the obfuscation is ran through a Base 64 UTF – 8 encoder, but I dont know what else. Thank you. PS: the webhook location and link would also be helpful so I can ruin the creators day and delete it. — WILL SEND INFO TO A WEBHOOK IF RAN (only use on vm or with care) – UTF – 8 encoding

submitted by /u/userbababoey
[link] [comments]

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Generated by Feedzy