Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 10-24-2012, 23:13
MarcElBichon MarcElBichon is offline
VIP
 
Join Date: Jan 2002
Posts: 272
Rept. Given: 377
Rept. Rcvd 151 Times in 57 Posts
Thanks Given: 301
Thanks Rcvd at 274 Times in 90 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by riverstore View Post
Thanks for the news and the attachment, but it still doesn't detect Themida
Latest private version:
Quote:
Last sign :

659. FastPack 32 bits ver.2.x C 2012 by Jean-Marie BARONE ( packer for
Win7/8) http://fastpack.free.fr *ACM
660. CreateInstall v5.1x Gentee ( 2007 - 2012 ) - www.createinstall.com
661. Microsoft SFX CAB Archive ( WiX Installer ) - MS C++ v10 -
www.microsoft.com
662. Software key wrapper 2.0. Copyright 2007-2012 GiveawayOfTheDay.com
663. generic check - MinGW/GCC v.4.7.x - NEW with TLS
664. Themida/Winlicense v.2.1.x.x ( std ) -> Oreans Technologies -
www.oreans.com *ACM

665. Microsoft Visual C++ ver. 9.0/10.0 [ DEBUG ] - E8 System Win7/8 sign.
Reply With Quote
The Following User Says Thank You to MarcElBichon For This Useful Post:
Indigo (07-19-2019)
  #17  
Old 10-25-2012, 01:11
Gmax Gmax is offline
VIP
 
Join Date: Mar 2012
Location: AoRe
Posts: 287
Rept. Given: 49
Rept. Rcvd 312 Times in 150 Posts
Thanks Given: 3
Thanks Rcvd at 93 Times in 58 Posts
Gmax Reputation: 300-399 Gmax Reputation: 300-399 Gmax Reputation: 300-399 Gmax Reputation: 300-399
but where i can find the latest signs (659 to 664) please
Reply With Quote
The Following User Says Thank You to Gmax For This Useful Post:
Indigo (07-19-2019)
  #18  
Old 10-25-2012, 03:03
JeRRy's Avatar
JeRRy JeRRy is online now
VIP
 
Join Date: Oct 2010
Posts: 121
Rept. Given: 89
Rept. Rcvd 205 Times in 72 Posts
Thanks Given: 14
Thanks Rcvd at 26 Times in 12 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
EXEInfo PE v.0.0.3.2 Beta II with 665 signatures

Quote:
Extra added :

- Ext_detector.dll - ver.0.3.8

Plugins :

- advanced_scan.dll v1.07 ( with UserDB.TXT 7076 signatures )
- Hash & Crypto Detector v1.4 ( RSA ,CRC32 , MD5 ... detect )
- PeID Signature Maker v1.2.0 ( You can add new signatures )
- user skins fo ExeinfoPe ( 25 skins )

Last sign :

659. FastPack 32 bits ver.2.x C 2012 by Jean-Marie BARONE ( packer for
Win7/8) http://fastpack.free.fr *ACM
660. CreateInstall v5.1x Gentee ( 2007 - 2012 ) - www.createinstall.com
661. Microsoft SFX CAB Archive ( WiX Installer ) - MS C++ v10 -
www.microsoft.com
662. Software key wrapper 2.0. Copyright 2007-2012 GiveawayOfTheDay.com
663. generic check - MinGW/GCC v.4.7.x - NEW with TLS
664. Themida/Winlicense v.2.1.x.x ( std ) -> Oreans Technologies -
www.oreans.com *ACM
665. Microsoft Visual C++ ver. 9.0/10.0 [ DEBUG ] - E8 System Win7/8 sign.

A.S.L
Download
http://www.datafilehost.com/download-e7ba8568.html

Have fun
Attached Files
File Type: rar EXE Info.part1.rar (1.00 MB, 31 views)
File Type: rar EXE Info.part2.rar (1.00 MB, 33 views)
File Type: rar EXE Info.part3.rar (251.9 KB, 23 views)
__________________
SnD
Reply With Quote
The Following 6 Users Gave Reputation+1 to JeRRy For This Useful Post:
giv (10-25-2012), Gmax (10-25-2012), quygia128 (10-26-2012), riverstore (10-25-2012), xtiaoshi (10-25-2012), zeuscane (10-25-2012)
The Following User Says Thank You to JeRRy For This Useful Post:
Indigo (07-19-2019)
  #19  
Old 10-25-2012, 07:37
riverstore riverstore is offline
Family
 
Join Date: Aug 2012
Posts: 50
Rept. Given: 111
Rept. Rcvd 40 Times in 17 Posts
Thanks Given: 52
Thanks Rcvd at 10 Times in 8 Posts
riverstore Reputation: 40
Quote:
Originally Posted by JeRRy View Post
EXEInfo PE v.0.0.3.2 Beta II with 665 signatures
Download
http://www.datafilehost.com/download-e7ba8568.html

Have fun
It can detect Themida now, Thanks a lot!
Reply With Quote
The Following User Says Thank You to riverstore For This Useful Post:
Indigo (07-19-2019)
  #20  
Old 10-26-2012, 18:03
quygia128's Avatar
quygia128 quygia128 is offline
Family
 
Join Date: Apr 2011
Location: SomeWhere
Posts: 109
Rept. Given: 242
Rept. Rcvd 182 Times in 47 Posts
Thanks Given: 121
Thanks Rcvd at 30 Times in 19 Posts
quygia128 Reputation: 100-199 quygia128 Reputation: 100-199
Quote:
Originally Posted by riverstore View Post
Thanks! In a video tutorial by giv, I see that his ExeInfo can detect Themida
You can add sig for exeinfo.
or
try PEiD mod by Vic4Key.

Download:
Quote:
hxxp://www.mediafire.com/?qvwjbuk2wp4fan4

Last edited by quygia128; 10-26-2012 at 18:14.
Reply With Quote
The Following User Says Thank You to quygia128 For This Useful Post:
Indigo (07-19-2019)
  #21  
Old 11-11-2012, 07:26
MarcElBichon MarcElBichon is offline
VIP
 
Join Date: Jan 2002
Posts: 272
Rept. Given: 377
Rept. Rcvd 151 Times in 57 Posts
Thanks Given: 301
Thanks Rcvd at 274 Times in 90 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
New private version

Quote:
Exeinfo Pe v.0.0.3.2 - 2012.09.11 with 667 signatures

extra added :
- Ext_detector.dll - ver.0.3.8 ( non executable data detect )

Plugins :
- advanced_scan.dll v1.07 ( with UserDB.TXT 7076 signatures )
- Hash & Crypto Detector v1.4 ( RSA ,CRC32 , MD5 ... detect )
- PeID Signature Maker v1.2.0 ( You can add new signatures )

- user skins fo ExeinfoPe ( 2o skins )
Reply With Quote
The Following User Says Thank You to MarcElBichon For This Useful Post:
Indigo (07-19-2019)
  #22  
Old 11-11-2012, 08:19
JeRRy's Avatar
JeRRy JeRRy is online now
VIP
 
Join Date: Oct 2010
Posts: 121
Rept. Given: 89
Rept. Rcvd 205 Times in 72 Posts
Thanks Given: 14
Thanks Rcvd at 26 Times in 12 Posts
JeRRy Reputation: 200-299 JeRRy Reputation: 200-299 JeRRy Reputation: 200-299
Exeinfo Pe v0.0.3.2 PowerPack with 667 signatures

http://www.mirrorcreator.com/files/0PKCO1XG/Exeinfo_Pe_v0.0.3.2_PowerPack.rar_links
__________________
SnD
Reply With Quote
The Following 7 Users Gave Reputation+1 to JeRRy For This Useful Post:
Av0id (11-12-2012), chessgod101 (11-11-2012), copyleft (11-11-2012), giv (11-12-2012), quygia128 (11-11-2012), riverstore (11-11-2012)
The Following User Says Thank You to JeRRy For This Useful Post:
Indigo (07-19-2019)
  #23  
Old 11-11-2012, 17:48
cxj98
 
Posts: n/a
almost final ready, it won't see any test version dialog.
Reply With Quote
  #24  
Old 11-14-2012, 07:42
MarcElBichon MarcElBichon is offline
VIP
 
Join Date: Jan 2002
Posts: 272
Rept. Given: 377
Rept. Rcvd 151 Times in 57 Posts
Thanks Given: 301
Thanks Rcvd at 274 Times in 90 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by cxj98 View Post
almost final ready, it won't see any test version dialog.
Final version indeed!

Download on official webpage:
Quote:
http://www.exeinfo.antserve.com/exeinfope.zip
Reply With Quote
The Following User Says Thank You to MarcElBichon For This Useful Post:
Indigo (07-19-2019)
  #25  
Old 03-25-2013, 15:56
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 31
Rept. Given: 12
Rept. Rcvd 42 Times in 13 Posts
Thanks Given: 26
Thanks Rcvd at 135 Times in 28 Posts
MistHill Reputation: 42
Exeinfo PE - ver 0.0.3.3 Beta 680 sign
ExeinfoPe_v0033_Beta_680.zip
Reply With Quote
The Following 2 Users Gave Reputation+1 to MistHill For This Useful Post:
alekine322 (03-26-2013), Dreamer (03-25-2013)
The Following User Says Thank You to MistHill For This Useful Post:
Indigo (07-19-2019)
  #26  
Old 05-10-2013, 11:47
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 31
Rept. Given: 12
Rept. Rcvd 42 Times in 13 Posts
Thanks Given: 26
Thanks Rcvd at 135 Times in 28 Posts
MistHill Reputation: 42
Exeinfo PE - ver.0.0.3.3 - 680 sign 2012.12.25 FULL

Ext_Detector.dll updated to version 0.0.7.0

exeinfope_v0030_full_0070.zip
Reply With Quote
The Following 5 Users Gave Reputation+1 to MistHill For This Useful Post:
alekine322 (05-11-2013), chessgod101 (05-10-2013), cjack (05-25-2013), TheEnd (05-12-2013), uranus64 (05-10-2013)
The Following User Says Thank You to MistHill For This Useful Post:
Indigo (07-19-2019)
  #27  
Old 06-17-2013, 08:44
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 31
Rept. Given: 12
Rept. Rcvd 42 Times in 13 Posts
Thanks Given: 26
Thanks Rcvd at 135 Times in 28 Posts
MistHill Reputation: 42
Official site www.exeinfo.xn.pl updated on 2013-06-15

Readme_ExeinfoPe.TxT

Quote:
Exeinfo Pe v.0.0.3.3 Full_2 - with 680 signatures

extra added :
- Ext_detector.dll - ver.0.8.0 ( non executable data detect )

Plugins :
advanced_scan.dll + UserDB.TXT with 7075 Signatures

Languages :
Empty sample language file .lng
Russian .lng
Chinese_CHS.lng
Chinese_Big5.lng

Hint :
Click on Config "Language:" string to configure language file.

A.S.L
Reply With Quote
The Following 3 Users Gave Reputation+1 to MistHill For This Useful Post:
Computer_Angel (06-17-2013), emo (06-19-2013)
The Following User Says Thank You to MistHill For This Useful Post:
Indigo (07-19-2019)
  #28  
Old 06-27-2013, 03:02
kjms's Avatar
kjms kjms is offline
VIP
 
Join Date: Jun 2011
Posts: 194
Rept. Given: 184
Rept. Rcvd 320 Times in 79 Posts
Thanks Given: 19
Thanks Rcvd at 78 Times in 33 Posts
kjms Reputation: 300-399 kjms Reputation: 300-399 kjms Reputation: 300-399 kjms Reputation: 300-399
version : 0.0.3.3 Full - ( 680 sign )
http://www.exeinfo.antserve.com/exeinfope.zip

Code:
extra added :
Ext_detector.dll - ver.0.8.0 ( non executable data detect )
Plugins : advanced_scan.dll + UserDB.TXT with 7075 Signatures
Languages :
Empty sample language file .lng
Russian .lng
Chinese_CHS.lng 
Chinese_Big5.lng
Reply With Quote
The Following 5 Users Gave Reputation+1 to kjms For This Useful Post:
alekine322 (06-27-2013), bolo2002 (06-27-2013), chessgod101 (06-27-2013), uranus64 (06-27-2013), xtiaoshi (06-27-2013)
The Following User Says Thank You to kjms For This Useful Post:
Indigo (07-19-2019)
  #29  
Old 08-21-2013, 10:13
MistHill MistHill is offline
Family
 
Join Date: Dec 2012
Posts: 31
Rept. Given: 12
Rept. Rcvd 42 Times in 13 Posts
Thanks Given: 26
Thanks Rcvd at 135 Times in 28 Posts
MistHill Reputation: 42
ExeinfoPE v.0.0.3.4 Beta2 696 sign/Ext_Detector v.1.0.0

ReadMe.txt for ExeinfoPE
Code:
ExeinfoPE v.0.0.3.4 Beta2 696 sign - for Beta Tester only not for usage ( with NAG )

Total not tested version , possible nonSense diagnose !!! , many signatures modified

fixed :

- file scaner changed ( ex. VMProtect ) Faster scan 
- compiler detector - add Cygwin - detect console app
- fixed detection for 2 section dll    *generic check - Microsoft Visual C# / Basic.NET / MS Visual Basic 
- Fixed - inteli check : MINGW - Bloodshed Software ( www.bloodshed.net )
- StatWin GUI - MD5 copy to clip fixed
- Copy As .bak - close removed and .ext fixed / path
- Rename file - fixed path and txt 
- added detection for : Private exe Protector v.4.1.2
- rar ripper file names changed to Hex "XX-rip.rar"
- rar added pass info : NOT EXE - its archive - .RAR >  Used : [ Password needed - HEADER Crypted ]
- Export view fixed
- added : LE - Linear Executable ( VxD driver Win 3.x / Dos Ext. /  OS/2 ) - mixed 16/32 bit

and more

new sign :

681. InstallIQ - 2012-2013 InstallX, LLC  [ MS C++ v.xx ] - www.installiqlearnmore.com
682. ToolBelt Installer - www.?????.com - Microsoft Visual C++ 9.0 - Visual Studio 2008
683. ( UPX 3.x modified ) Softonic Downloader - PUA / Adware / Downware - www.softonic.com*
684. Google Installer  www.google.com -  Microsoft Visual C++ ver. 8.0 / Visual Studio 2005
685. Squeez Sqx Archive Selfextractor v.5.63 SQ5SFX overlay - www.speedproject.de/enu/support/updates.html ( Upx / not Upx )
686. Adobe Flash Player v11.x - www.adobe.com - Microsoft Visual C++ 9.0 - Visual Studio 2008 (E8)
687. FreeArc 0.5x -0.67 SFX stub - ovl .Arc Archive [ v0.xx ] - Dev-C++ / UPX stub
688. Tampared : Inno Setup -> [ '????' Setup v.5.1.13 ]
689. Logic Protect EXE Ceator 2.0.4 - www.logicprotect.com ( stub : Microsoft Visual C++ ver. 8.0 )
690. CodeWall 2010 v4.1.1.0 ( *trial .NET Protector ) - www.codewall.net - Microsoft Visual C# / Basic.NET
691. Private exe Protector v.4.1.2 (30.01.2013)  - www.setisoft.com
692. Private exe Protector v.4.1.2 *Trial- DLL - (30.01.2013)  - www.setisoft.com
693. Kaspersky AV Pack  ( exe/dll ) - www.kaspersky.com    *ACM
694. InstallAware DRM ( Trialware Creator )  Copyright 1998-2009 Softwrap Ltd.
695. [.NET source exe ] - InstallAware DRM ( Trialware Creator )  Copyright 1998-2009 Softwrap Ltd.
696. Themida/Winlicense v.2.1.0.0 ( std mode ) -> Oreans Technologies - www.oreans.com  *ACM

A.S.L.
Improved File Scaner. For example, VMProtect 2.09 & apps protected by Themida/Winlicense v.2.1.0.0 can be identified now.

ReadMe.txt for Ext_Detector
Code:
  ********************************************************
  *                                                      *
  *                Ext_Detector.dll                      *
  *                                                      *
  *      Non executable detector for Exeinfo Pe          *
  *                                                      *
  *      ver.1.0.0 - required Exeinfo v.0.0.3.1          *
  *                                                      *
  *               www.exeinfo.xwp.pl                     *
  *                                                      *
  *               2013.07.06 by A.S.L                    *
  *                                                      *
  *                freeware version                      *
  *                                                      *
  ********************************************************
...
exeinfope_v0034_Beta2_696.zip
Ext_Detector_v100.zip
Reply With Quote
The Following 7 Users Gave Reputation+1 to MistHill For This Useful Post:
kienmanowar (08-26-2013), Molasar (08-28-2013), nikkapedd (08-31-2013), the_beginner (08-26-2013), user1 (08-24-2013), wilson bibe (08-21-2013), xtiaoshi (08-21-2013)
The Following User Says Thank You to MistHill For This Useful Post:
Indigo (07-19-2019)
  #30  
Old 10-13-2013, 04:41
Dreamer's Avatar
Dreamer Dreamer is offline
Family
 
Join Date: May 2012
Posts: 607
Rept. Given: 613
Rept. Rcvd 660 Times in 257 Posts
Thanks Given: 117
Thanks Rcvd at 171 Times in 129 Posts
Dreamer Reputation: 39
0.0.3.4 Beta 700 sign

update : 2013-10-10
10.10.2013 - ver.0.0.3.4 Beta 700
15.06.2013 - ver.0.0.3.3 Full - fixed version (2)
30.03.2013 - ver.0.0.3.3 Beta - new user language files added , Hex2Dec converter , ovl click detector
11.02.2012 - updated : Ext_detector.dll - 62 signatures - non executable data file detector
10.11.2012 - added new Rippers , new signatures , .NET exe info , many fixes
22.07.2012 - doc/xls/msi ripper added , bug fixed , new sign added , config text color for user Skin
30.08.2011 - small GUI changes , new signature added , plugin detector added , ver.0.0.3.0
03.01.2011 - added xml ripper, compiler detector, process killer,... ver.0.0.2.9
05.12.2010 - new option , new signatures bug fixes

Code:
http://exeinfo.atwebpages.com
Reply With Quote
The Following 4 Users Gave Reputation+1 to Dreamer For This Useful Post:
emo (10-13-2013), nikkapedd (10-15-2013), sendersu (10-13-2013), wilson bibe (10-13-2013)
The Following User Says Thank You to Dreamer For This Useful Post:
Indigo (07-19-2019)
Reply

Tags
dr.farfar, exeinfo, support the author, this thread is lame

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 09:29.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )