Wondering if there is a way to deobfuscate this Minecraft RAT that sends information to a discord webhook once it is run (ssid, hwid, ip, os, passwords, etc.). The obfuscated part is located in the 3 DLL’s that are inside of the .jar file. If there is a way to deobfuscate these .DLL’s then please respond with a tutorial and how to. I’m pretty confident that the obfuscation is ran through a Base 64 UTF – 8 encoder, but I dont know what else. Thank you. PS: the webhook location and link would also be helpful so I can ruin the creators day and delete it.
https://cdn.discordapp.com/attachments/1052432332608524321/1069127907626201168/KMOD.jar — WILL SEND INFO TO A WEBHOOK IF RAN (only use on vm or with care)
https://imgur.com/a/dHF1Ae9 – UTF – 8 encoding
submitted by /u/userbababoey
[link] [comments]