ThisTestUser
commented
5 years ago Closed x0Rev closed 4 years ago
ThisTestUser
commented
5 years ago 
x0Rev
commented
5 years ago i really appreciate that man now i gotta go do some digging so many classes to check
Janmm14
commented
5 years ago What you got there is just the downloader, at least it looks like that for me.
it reads the download location from pastebin.com/raw/d1zgU5qC, currently its pointing to bullywiiplaza.website/B.jar there you have another obfuscated jar file
ThisTestUser
commented
5 years ago x0Rev
commented
5 years ago ok i found this in the second file it was a link to a mega download and the file is called data_stealer.jar its also obfuscated using the same thing is it a potential rat? or is it the actual file that grabs your hwid
ThisTestUser
commented
5 years ago
need some serious help can't manage to deobfuscate and its one of those annoying ones i originally bought this program (its free to download but has a hwid lock you need whitelisted for which i was but now its not working came out 2 years ago) i did contact the creator but apparently he doesn't respond to messages anymore which is an issue because he hosts the paid program
pretty sure it uses zelix anyways heres the link id prefer a hwid bypass rather than a deobfuscate but if thats not possible im fine with a deobfuscate https://mega.nz/#!KwkxQC5Z!QvuJIpRrfeYVSyp2ZNXZi3CDdvOI_Vct3550e3ge2xs