And to finish my hackforum tour for the day...
9Kb with UPX:
Looking for process:
And CreateRemoteThread. (The first time I ran the malware it made Firefox crash; the second time it worked.)
So let's debug Firefox...
When I try to log in on VirusTotal:
POST requests are intercepted:
Data are enc and sent to the panel (here it's localhost/development/panel.php)
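
A defender's view of the process lookup and CreateRemoteThread steps above, as an added example that is not part of the original post: a Python triage of Sysmon Event ID 8 (CreateRemoteThread) records that flags remote threads started in Firefox by another image. The records, paths and severity labels are constructed for illustration.

```python
import ntpath
BROWSERS = {"firefox.exe"}  # target processes to watch; extend as needed

# Constructed Sysmon Event ID 8 records in "Key: Value" layout (sample data).
SAMPLE_EVENTS = r"""
UtcTime: 2024-01-01 10:00:01.000
SourceImage: C:\Users\test\Desktop\sample.exe
TargetImage: C:\Program Files\Mozilla Firefox\firefox.exe
StartModule: -

UtcTime: 2024-01-01 10:05:00.000
SourceImage: C:\Program Files\Mozilla Firefox\firefox.exe
TargetImage: C:\Program Files\Mozilla Firefox\firefox.exe
StartModule: C:\Windows\System32\ntdll.dll

UtcTime: 2024-01-01 10:07:30.000
SourceImage: C:\Tools\helper.exe
TargetImage: C:\Program Files\Mozilla Firefox\firefox.exe
StartModule: C:\Windows\System32\kernel32.dll

UtcTime: 2024-01-01 10:09:00.000
SourceImage: C:\Tools\helper.exe
TargetImage: C:\Windows\System32\notepad.exe
StartModule: -
"""

def parse_events(text):
    """Split blank-line separated records into dicts of field -> value."""
    events = []
    for block in text.strip().split("\n\n"):
        pairs = (line.partition(": ") for line in block.splitlines())
        events.append({k.strip(): v.strip() for k, sep, v in pairs if sep})
    return events

def classify(event):
    """Return 'high'/'medium' for a remote thread into a browser, else None."""
    src, dst = event.get("SourceImage", ""), event.get("TargetImage", "")
    if ntpath.basename(dst).lower() not in BROWSERS or src.lower() == dst.lower():
        return None  # not a browser target, or the browser's own processes
    # Assumption: "-" or an empty StartModule means the start address is not
    # backed by a loaded module, which is typical of injected code.
    return "high" if event.get("StartModule", "-") in ("", "-") else "medium"

def detect(text):
    hits = [(e.get("UtcTime"), e.get("SourceImage"), classify(e)) for e in parse_events(text)]
    return [h for h in hits if h[2]]

if __name__ == "__main__":
    for when, source, severity in detect(SAMPLE_EVENTS):
        print(severity, when, source)
```
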
If you look for the sample...