12sky2viewer for client version 00102

Hi, I created a apps to view 12sky2 account,password,char name ,and char location in x,y, and z.

[Only registered and activated users can see links. Click Here To Register...]

I'm not sure I want to click that link o.o

File 12Sky2Viewer.exe received on 2010.06.13 21:38:09 (UTC)

Antivirus Version Last Update Result
a-squared 5.0.0.26 2010.06.13 Trojan.Win32.Inject.aoxz!A2
AhnLab-V3 2010.06.13.00 2010.06.12 -
AntiVir 8.2.2.6 2010.06.13 -
Antiy-AVL 2.0.3.7 2010.06.11 Trojan/Win32.Refroso.gen
Authentium 5.2.0.5 2010.06.13 -
Avast 4.8.1351.0 2010.06.13 -
Avast5 5.0.332.0 2010.06.13 -
AVG 9.0.0.787 2010.06.13 -
BitDefender 7.2 2010.06.13 -
CAT-QuickHeal 10.00 2010.06.12 -
ClamAV 0.96.0.3-git 2010.06.13 -
Comodo 5088 2010.06.13 -
eSafe 7.0.17.0 2010.06.13 -
eTrust-Vet 36.1.7629 2010.06.11 -
F-Prot 4.6.0.103 2010.06.13 -
F-Secure 9.0.15370.0 2010.06.13 Suspicious:W32/Malware!Gemini
Fortinet 4.1.133.0 2010.06.13 -
GData 21 2010.06.13 -
Ikarus T3.1.1.84.0 2010.06.13 -
Jiangmin 13.0.900 2010.06.13 -
Kaspersky 7.0.0.125 2010.06.13 -
McAfee 5.400.0.1158 2010.06.13 -
McAfee-GW-Edition 2010.1 2010.06.13 -
Microsoft 1.5802 2010.06.13 -
NOD32 5193 2010.06.13 -
Norman 6.04.12 2010.06.13 -
nProtect 2010-06-12.01 2010.06.12 -
Panda 10.0.2.7 2010.06.13 -
PCTools 7.0.3.5 2010.06.13 -
Rising 22.51.06.01 2010.06.13 -
Sophos 4.54.0 2010.06.13 -
Sunbelt 6444 2010.06.13 -
Symantec 20101.1.0.89 2010.06.13 -
TheHacker 6.5.2.0.298 2010.06.12 -
TrendMicro 9.120.0.1004 2010.06.13 -
VBA32 3.12.12.5 2010.06.11 -
ViRobot 2010.6.12.3882 2010.06.13 -
VirusBuster 5.0.27.0 2010.06.13 -
Additional information
File size: 367347 bytes
MD5...: 27345e6fe1f88f5f1914873b43e0cc0e
SHA1..: 0325314b4c7601854d5be1d739d71c0c4f592ed5
SHA256: 185bd6f89a7fa561138c0f56cb7fa896885316a9075dbe71d9 b9359d396e827c
ssdeep: 6144:Q1db49+rEg024fpLZazEjvE/rbay19tSt4bO2BaDmeBJe59kIJINEQkoWxF
:QjkArEN249AyE/rbaMct4bO2/VrQfW
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xb8b90
timedatestamp.....: 0x4bc81615 (Fri Apr 16 07:47:33 2010)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x76000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x77000 0x42000 0x41e00 7.93 f0fe5b03621689cbf64c74409845b7b9
.rsrc 0xb9000 0x8000 0x7400 5.91 b9bb150fdedbb415b4948c63448124be

( 16 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> ADVAPI32.dll: GetAce
> COMCTL32.dll: ImageList_Remove
> COMDLG32.dll: GetSaveFileNameW
> GDI32.dll: LineTo
> MPR.dll: WNetGetConnectionW
> ole32.dll: CoInitialize
> OLEAUT32.dll: -
> PSAPI.DLL: EnumProcesses
> SHELL32.dll: DragFinish
> USER32.dll: GetDC
> USERENV.dll: LoadUserProfileW
> VERSION.dll: VerQueryValueW
> WININET.dll: FtpOpenFileW
> WINMM.dll: timeGetTime
> WSOCK32.dll: -


Apart from the few alerts there, why does this program call "WININET.dll: FtpOpenFileW"? I cant see any reason for it to access a FTP.

Sounds to me like a way to get people's account info

It is... haxers usually use a email getaway.. or FTP, and the program sound suspicious.. since it has the addresses of your acc name and password :P

All those information is in the client. you think you are safe when using mapfun,trainer,dual client and ect. Think again.

for people who know me , they trust me.

Jex , former li-quidbot

it sounds like a Keylogger to me !

Can u post some screens ? or some more info about the apps?

it is just a tools to show your info.
Try this --> use CE and search for your account , it will show in CE . make sure u search as text. what i do is label on my tools.

i also added a function to save your coordinate so u can move to the coordinate instantly.

does it work if ur give in another Account name i dont know the pasword from ?

lol well your safe using map fun i dont care about your logins. this does look suspect. somone try it with a new account that dosnt matter if it gets hacked and see if it works ;)

It have virus i dont know if i should download this :S Can some1 try it ?

works peferfectly fine, thanks jex!!

please stop hacking people.. make the game look good!