virus in sleep.exe in any variants of boothelper (original,1click,gui 1 click...)

Discussion in 'iPod touch 2G Jailbreak: redsn0w, 24kpwn, etc.' started by koolhermit, Feb 3, 2009.

  1. koolhermit

    koolhermit New Member

    Joined:
    Jan 31, 2009
    Messages:
    13
    Likes Received:
    0
    the sleep.exe in these boothelpers are much larger than, say, this sleep.exe that does exactly the same thing
    http://unattended.msfn.org/files/global/sleep.zip
    (>100kb vs 25k)

    according to virustotal, the sleep.exe that comes with these boothelpers has a fakedoc.2 trojan (anyone know what the trojan does?)
    also the PE header has some sections with weird names:
    "name viradd virsiz rawdsiz "

    anyone into disassembling the binary?
    comments from any experts in windows binaries and related stuff?
  2. Yohurt

    Yohurt New Member

    Joined:
    Feb 2, 2009
    Messages:
    29
    Likes Received:
    0
    I got this sleep.exe from a random site. I didn't knew there were any virusses in it. Not sure if there even are any because it could be a false positive. The newest version of 1ClickBoot doesn't have sleep.exe in it anymore, so could you please edit your post

    Please Register or Log in to view images


    Thanks for stating this though!
  3. Ryan

    Ryan Well-Known Member

    Joined:
    Jan 19, 2008
    Messages:
    4,129
    Likes Received:
    28
    Device:
    Nexus 4
    hmm thats why you should always get it from trusted sources.
  4. thehacker123

    thehacker123 New Member

    Joined:
    Oct 12, 2007
    Messages:
    192
    Likes Received:
    0
    Device:
    2G iPod touch
  5. beebop

    beebop New Member

    Joined:
    Oct 3, 2008
    Messages:
    747
    Likes Received:
    0

Share This Page