rexlManu
commented
4 years ago The two files are rats that i got bcs i got infected
Open rexlManu opened 4 years ago
rexlManu
commented
4 years ago The two files are rats that i got bcs i got infected
GraxCode
commented
4 years ago I made a flow obfuscation remover today that also works on smoke. Check out Generic -> Remove obvious flow obfuscation.
Also what do you mean by "the classes are not clear"? Name obfuscation can't be reversed, only re-obfuscated for better readability.
GraxCode
commented
4 years ago To make a working smoke deobfuscator i need more samples. Please post them here if you can.
GraxCode
commented
4 years ago Is smoke still used anymore?
rexlManu
commented
4 years ago Mostly only in old hack clients. When we check smoke, its already not updated anymore. The website is down and https://twitter.com/smokeobfuscator?lang=de is also dead. So you can close this issue.
Princekin
commented
4 years ago Can you re-upload the samples?
Maby add smoke support?
Here a two files: https://workupload.com/archive/cZAa2Z3F
The second with 2 in the name is deobfuscated with yours, but the classes are not clear.