EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 10-24-2012, 23:13
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 184
Rept. Given: 156
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 31
Thanks Rcvd at 53 Times in 16 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by riverstore View Post
Thanks for the news and the attachment, but it still doesn't detect Themida
Latest private version:
Quote:
Last sign :

659. FastPack 32 bits ver.2.x C 2012 by Jean-Marie BARONE ( packer for
Win7/8) http://fastpack.free.fr *ACM
660. CreateInstall v5.1x Gentee ( 2007 - 2012 ) - www.createinstall.com
661. Microsoft SFX CAB Archive ( WiX Installer ) - MS C++ v10 -
www.microsoft.com
662. Software key wrapper 2.0. Copyright 2007-2012 GiveawayOfTheDay.com
663. generic check - MinGW/GCC v.4.7.x - NEW with TLS
664. Themida/Winlicense v.2.1.x.x ( std ) -> Oreans Technologies -
www.oreans.com *ACM

665. Microsoft Visual C++ ver. 9.0/10.0 [ DEBUG ] - E8 System Win7/8 sign.
Reply With Quote
  #17  
Old 10-25-2012, 01:11
Gmax Gmax is offline
VIP
 
Join Date: Mar 2012
Location: AoRe
Posts: 283
Rept. Given: 48
Rept. Rcvd 312 Times in 150 Posts
Thanks Given: 1
Thanks Rcvd at 63 Times in 30 Posts
Gmax Reputation: 300-399 Gmax Reputation: 300-399 Gmax Reputation: 300-399 Gmax Reputation: 300-399
but where i can find the latest signs (659 to 664) please
Reply With Quote
  #18  
Old 10-25-2012, 03:03
JeRRy's Avatar
JeRRy JeRRy is offline
VIP
 
Join Date: Oct 2010
Posts: 119
Rept. Given: 88
Rept. Rcvd 204 Times in 72 Posts
Thanks Given: 12
Thanks Rcvd at 12 Times in 3 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
EXEInfo PE v.0.0.3.2 Beta II with 665 signatures

Quote:
Extra added :

- Ext_detector.dll - ver.0.3.8

Plugins :

- advanced_scan.dll v1.07 ( with UserDB.TXT 7076 signatures )
- Hash & Crypto Detector v1.4 ( RSA ,CRC32 , MD5 ... detect )
- PeID Signature Maker v1.2.0 ( You can add new signatures )
- user skins fo ExeinfoPe ( 25 skins )

Last sign :

659. FastPack 32 bits ver.2.x C 2012 by Jean-Marie BARONE ( packer for
Win7/8) http://fastpack.free.fr *ACM
660. CreateInstall v5.1x Gentee ( 2007 - 2012 ) - www.createinstall.com
661. Microsoft SFX CAB Archive ( WiX Installer ) - MS C++ v10 -
www.microsoft.com
662. Software key wrapper 2.0. Copyright 2007-2012 GiveawayOfTheDay.com
663. generic check - MinGW/GCC v.4.7.x - NEW with TLS
664. Themida/Winlicense v.2.1.x.x ( std ) -> Oreans Technologies -
www.oreans.com *ACM
665. Microsoft Visual C++ ver. 9.0/10.0 [ DEBUG ] - E8 System Win7/8 sign.

A.S.L
Download
http://www.datafilehost.com/download-e7ba8568.html

Have fun
Attached Files
File Type: rar EXE Info.part1.rar (1.00 MB, 30 views)
File Type: rar EXE Info.part2.rar (1.00 MB, 32 views)
File Type: rar EXE Info.part3.rar (251.9 KB, 22 views)
__________________
SnD
Reply With Quote
The Following 6 Users Gave Reputation+1 to JeRRy For This Useful Post:
giv (10-25-2012), Gmax (10-25-2012), quygia128 (10-26-2012), riverstore (10-25-2012), xtiaoshi (10-25-2012), zeuscane (10-25-2012)
  #19  
Old 10-25-2012, 07:37
riverstore riverstore is offline
Family
 
Join Date: Aug 2012
Posts: 48
Rept. Given: 111
Rept. Rcvd 40 Times in 17 Posts
Thanks Given: 22
Thanks Rcvd at 4 Times in 4 Posts
riverstore Reputation: 40
Quote:
Originally Posted by JeRRy View Post
EXEInfo PE v.0.0.3.2 Beta II with 665 signatures
Download
http://www.datafilehost.com/download-e7ba8568.html

Have fun
It can detect Themida now, Thanks a lot!
Reply With Quote
  #20  
Old 10-26-2012, 18:03
quygia128's Avatar
quygia128 quygia128 is offline
Family
 
Join Date: Apr 2011
Location: SomeWhere
Posts: 106
Rept. Given: 233
Rept. Rcvd 182 Times in 47 Posts
Thanks Given: 43
Thanks Rcvd at 9 Times in 5 Posts
quygia128 Reputation: 100-199 quygia128 Reputation: 100-199
Quote:
Originally Posted by riverstore View Post
Thanks! In a video tutorial by giv, I see that his ExeInfo can detect Themida
You can add sig for exeinfo.
or
try PEiD mod by Vic4Key.

Download:
Quote:
hxxp://www.mediafire.com/?qvwjbuk2wp4fan4

Last edited by quygia128; 10-26-2012 at 18:14.
Reply With Quote
  #21  
Old 11-11-2012, 07:26
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 184
Rept. Given: 156
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 31
Thanks Rcvd at 53 Times in 16 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
New private version

Quote:
Exeinfo Pe v.0.0.3.2 - 2012.09.11 with 667 signatures

extra added :
- Ext_detector.dll - ver.0.3.8 ( non executable data detect )

Plugins :
- advanced_scan.dll v1.07 ( with UserDB.TXT 7076 signatures )
- Hash & Crypto Detector v1.4 ( RSA ,CRC32 , MD5 ... detect )
- PeID Signature Maker v1.2.0 ( You can add new signatures )

- user skins fo ExeinfoPe ( 2o skins )
Reply With Quote
  #22  
Old 11-11-2012, 08:19
JeRRy's Avatar
JeRRy JeRRy is offline
VIP
 
Join Date: Oct 2010
Posts: 119
Rept. Given: 88
Rept. Rcvd 204 Times in 72 Posts
Thanks Given: 12
Thanks Rcvd at 12 Times in 3 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
Exeinfo Pe v0.0.3.2 PowerPack with 667 signatures

http://www.mirrorcreator.com/files/0PKCO1XG/Exeinfo_Pe_v0.0.3.2_PowerPack.rar_links
__________________
SnD
Reply With Quote
The Following 7 Users Gave Reputation+1 to JeRRy For This Useful Post:
Av0id (11-12-2012), chessgod101 (11-11-2012), copyleft (11-11-2012), giv (11-12-2012), quygia128 (11-11-2012), riverstore (11-11-2012)
  #23  
Old 11-11-2012, 17:48
cxj98
 
Posts: n/a
almost final ready, it won't see any test version dialog.
Reply With Quote
  #24  
Old 11-14-2012, 07:42
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 184
Rept. Given: 156
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 31
Thanks Rcvd at 53 Times in 16 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by cxj98 View Post
almost final ready, it won't see any test version dialog.
Final version indeed!

Download on official webpage:
Quote:
http://www.exeinfo.antserve.com/exeinfope.zip
Reply With Quote
  #25  
Old 03-25-2013, 15:56
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 17
Rept. Given: 9
Rept. Rcvd 33 Times in 8 Posts
Thanks Given: 14
Thanks Rcvd at 51 Times in 8 Posts
MistHill Reputation: 33
Exeinfo PE - ver 0.0.3.3 Beta 680 sign
ExeinfoPe_v0033_Beta_680.zip
Reply With Quote
The Following 2 Users Gave Reputation+1 to MistHill For This Useful Post:
alekine322 (03-26-2013), Dreamer (03-25-2013)
  #26  
Old 05-10-2013, 11:47
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 17
Rept. Given: 9
Rept. Rcvd 33 Times in 8 Posts
Thanks Given: 14
Thanks Rcvd at 51 Times in 8 Posts
MistHill Reputation: 33
Exeinfo PE - ver.0.0.3.3 - 680 sign 2012.12.25 FULL

Ext_Detector.dll updated to version 0.0.7.0

exeinfope_v0030_full_0070.zip
Reply With Quote
The Following 5 Users Gave Reputation+1 to MistHill For This Useful Post:
alekine322 (05-11-2013), chessgod101 (05-10-2013), cjack (05-25-2013), TheEnd (05-12-2013), uranus64 (05-10-2013)
  #27  
Old 06-17-2013, 08:44
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 17
Rept. Given: 9
Rept. Rcvd 33 Times in 8 Posts
Thanks Given: 14
Thanks Rcvd at 51 Times in 8 Posts
MistHill Reputation: 33
Official site www.exeinfo.xn.pl updated on 2013-06-15

Readme_ExeinfoPe.TxT

Quote:
Exeinfo Pe v.0.0.3.3 Full_2 - with 680 signatures

extra added :
- Ext_detector.dll - ver.0.8.0 ( non executable data detect )

Plugins :
advanced_scan.dll + UserDB.TXT with 7075 Signatures

Languages :
Empty sample language file .lng
Russian .lng
Chinese_CHS.lng
Chinese_Big5.lng

Hint :
Click on Config "Language:" string to configure language file.

A.S.L
Reply With Quote
The Following 3 Users Gave Reputation+1 to MistHill For This Useful Post:
Computer_Angel (06-17-2013), emo (06-19-2013)
  #28  
Old 06-27-2013, 03:02
kjms's Avatar
kjms kjms is offline
VIP
 
Join Date: Jun 2011
Posts: 182
Rept. Given: 179
Rept. Rcvd 317 Times in 78 Posts
Thanks Given: 10
Thanks Rcvd at 32 Times in 13 Posts
kjms Reputation: 300-399 kjms Reputation: 300-399 kjms Reputation: 300-399 kjms Reputation: 300-399
version : 0.0.3.3 Full - ( 680 sign )
http://www.exeinfo.antserve.com/exeinfope.zip

Code:
extra added :
Ext_detector.dll - ver.0.8.0 ( non executable data detect )
Plugins : advanced_scan.dll + UserDB.TXT with 7075 Signatures
Languages :
Empty sample language file .lng
Russian .lng
Chinese_CHS.lng 
Chinese_Big5.lng
Reply With Quote
The Following 5 Users Gave Reputation+1 to kjms For This Useful Post:
alekine322 (06-27-2013), bolo2002 (06-27-2013), chessgod101 (06-27-2013), uranus64 (06-27-2013), xtiaoshi (06-27-2013)
  #29  
Old 08-21-2013, 10:13
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 17
Rept. Given: 9
Rept. Rcvd 33 Times in 8 Posts
Thanks Given: 14
Thanks Rcvd at 51 Times in 8 Posts
MistHill Reputation: 33
ExeinfoPE v.0.0.3.4 Beta2 696 sign/Ext_Detector v.1.0.0

ReadMe.txt for ExeinfoPE
Code:
ExeinfoPE v.0.0.3.4 Beta2 696 sign - for Beta Tester only not for usage ( with NAG )

Total not tested version , possible nonSense diagnose !!! , many signatures modified

fixed :

- file scaner changed ( ex. VMProtect ) Faster scan 
- compiler detector - add Cygwin - detect console app
- fixed detection for 2 section dll    *generic check - Microsoft Visual C# / Basic.NET / MS Visual Basic 
- Fixed - inteli check : MINGW - Bloodshed Software ( www.bloodshed.net )
- StatWin GUI - MD5 copy to clip fixed
- Copy As .bak - close removed and .ext fixed / path
- Rename file - fixed path and txt 
- added detection for : Private exe Protector v.4.1.2
- rar ripper file names changed to Hex "XX-rip.rar"
- rar added pass info : NOT EXE - its archive - .RAR >  Used : [ Password needed - HEADER Crypted ]
- Export view fixed
- added : LE - Linear Executable ( VxD driver Win 3.x / Dos Ext. /  OS/2 ) - mixed 16/32 bit

and more

new sign :

681. InstallIQ - 2012-2013 InstallX, LLC  [ MS C++ v.xx ] - www.installiqlearnmore.com
682. ToolBelt Installer - www.?????.com - Microsoft Visual C++ 9.0 - Visual Studio 2008
683. ( UPX 3.x modified ) Softonic Downloader - PUA / Adware / Downware - www.softonic.com*
684. Google Installer  www.google.com -  Microsoft Visual C++ ver. 8.0 / Visual Studio 2005
685. Squeez Sqx Archive Selfextractor v.5.63 SQ5SFX overlay - www.speedproject.de/enu/support/updates.html ( Upx / not Upx )
686. Adobe Flash Player v11.x - www.adobe.com - Microsoft Visual C++ 9.0 - Visual Studio 2008 (E8)
687. FreeArc 0.5x -0.67 SFX stub - ovl .Arc Archive [ v0.xx ] - Dev-C++ / UPX stub
688. Tampared : Inno Setup -> [ '????' Setup v.5.1.13 ]
689. Logic Protect EXE Ceator 2.0.4 - www.logicprotect.com ( stub : Microsoft Visual C++ ver. 8.0 )
690. CodeWall 2010 v4.1.1.0 ( *trial .NET Protector ) - www.codewall.net - Microsoft Visual C# / Basic.NET
691. Private exe Protector v.4.1.2 (30.01.2013)  - www.setisoft.com
692. Private exe Protector v.4.1.2 *Trial- DLL - (30.01.2013)  - www.setisoft.com
693. Kaspersky AV Pack  ( exe/dll ) - www.kaspersky.com    *ACM
694. InstallAware DRM ( Trialware Creator )  Copyright 1998-2009 Softwrap Ltd.
695. [.NET source exe ] - InstallAware DRM ( Trialware Creator )  Copyright 1998-2009 Softwrap Ltd.
696. Themida/Winlicense v.2.1.0.0 ( std mode ) -> Oreans Technologies - www.oreans.com  *ACM

A.S.L.
Improved File Scaner. For example, VMProtect 2.09 & apps protected by Themida/Winlicense v.2.1.0.0 can be identified now.

ReadMe.txt for Ext_Detector
Code:
  ********************************************************
  *                                                      *
  *                Ext_Detector.dll                      *
  *                                                      *
  *      Non executable detector for Exeinfo Pe          *
  *                                                      *
  *      ver.1.0.0 - required Exeinfo v.0.0.3.1          *
  *                                                      *
  *               www.exeinfo.xwp.pl                     *
  *                                                      *
  *               2013.07.06 by A.S.L                    *
  *                                                      *
  *                freeware version                      *
  *                                                      *
  ********************************************************
...
exeinfope_v0034_Beta2_696.zip
Ext_Detector_v100.zip
Reply With Quote
The Following 7 Users Gave Reputation+1 to MistHill For This Useful Post:
kienmanowar (08-26-2013), Molasar (08-28-2013), nikkapedd (08-31-2013), the_beginner (08-26-2013), user1 (08-24-2013), wilson bibe (08-21-2013), xtiaoshi (08-21-2013)
  #30  
Old 10-13-2013, 04:41
Dreamer's Avatar
Dreamer Dreamer is offline
Family
 
Join Date: May 2012
Location: Serbia
Posts: 585
Rept. Given: 614
Rept. Rcvd 657 Times in 255 Posts
Thanks Given: 116
Thanks Rcvd at 47 Times in 26 Posts
Dreamer Reputation: 36
0.0.3.4 Beta 700 sign

update : 2013-10-10
10.10.2013 - ver.0.0.3.4 Beta 700
15.06.2013 - ver.0.0.3.3 Full - fixed version (2)
30.03.2013 - ver.0.0.3.3 Beta - new user language files added , Hex2Dec converter , ovl click detector
11.02.2012 - updated : Ext_detector.dll - 62 signatures - non executable data file detector
10.11.2012 - added new Rippers , new signatures , .NET exe info , many fixes
22.07.2012 - doc/xls/msi ripper added , bug fixed , new sign added , config text color for user Skin
30.08.2011 - small GUI changes , new signature added , plugin detector added , ver.0.0.3.0
03.01.2011 - added xml ripper, compiler detector, process killer,... ver.0.0.2.9
05.12.2010 - new option , new signatures bug fixes

Code:
http://exeinfo.atwebpages.com
Reply With Quote
The Following 4 Users Gave Reputation+1 to Dreamer For This Useful Post:
emo (10-13-2013), nikkapedd (10-15-2013), sendersu (10-13-2013), wilson bibe (10-13-2013)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 12:51.


ICP05004977
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX