Discussion forum for all Windows batch related topics.
Moderator: DosItHelp
-
silent
- Posts: 44
- Joined: 28 Oct 2011 14:40
#1
Post
by silent » 25 Mar 2013 10:39
Hi !
I need help, i have a suspicious EXE file that im sure its made in BAT and it contains some suspicious command like DEL
I need to somehow get its code, i cant run it to check if its in TEMP folder, because it will probably delete my system files.I tried decompressing it in UPX as i did already with one EXE file, but now it says this one wasnt packed in UPX.Is there some way to get the source code without running it ?
-
Squashman
- Expert
- Posts: 4488
- Joined: 23 Dec 2011 13:59
#2
Post
by Squashman » 25 Mar 2013 10:49
Might be able to look at it in a hex editor.
-
silent
- Posts: 44
- Joined: 28 Oct 2011 14:40
#3
Post
by silent » 25 Mar 2013 14:27
But how ? I downloaded some XVI32 hex editor, opened the file in it and i can only see hex values, nothing else.
-
carlos
- Expert
- Posts: 503
- Joined: 20 Aug 2010 13:57
- Location: Chile
-
Contact:
#4
Post
by carlos » 25 Mar 2013 17:21
Edited.
Last edited by
carlos on 13 Apr 2013 20:00, edited 1 time in total.
-
Ocalabob
- Posts: 79
- Joined: 24 Dec 2010 12:16
- Location: Micanopy Florida
#5
Post
by Ocalabob » 25 Mar 2013 18:40
Greetings silent,
Just curious;
1. What is the name of the EXE file?
2. What is the source of the file?
3. How do you know the DEL command is being used?
Ultraedit is payware but it has a trial version and a solid HEX editor.
Best wishes!