I'm looking at using a trainer to cheat at my GOG edition of Bard's Tale 4. I identified a trainer application that can modify various settings in the game (enable unlimited HP, weak enemies, other things):
www.wemod.com
I submitted the file for analysis at VirusTotal and I got these results:
Interestingly enough, when I scanned the file locally, Windows Defender claimed it found no problems. So I loaded it up in Windows Sandbox, and sure enough it dropped some files on the VM. I searched the entire drive for the VM, turned on hidden files, zipped up all the files I could find that correspond to the timestamp of when the file dropper activated, and submitted the .zip file to VirusTotal. No hits.
Granted, if it did have a trojan payload delivery system, it could probably falsify file timestamps or prevent the OS from seeing the files unless in Safe Mode.
It appears to be a generic cheat engine that loads the correct configuration files for the game you've selected. It's nothing but a web installer.
Anyone else have any insight into this tool? I'm not so desperate to get out of my jam in a video game that I'm going to risk computer security, but at the same time, it'd be a shame not to use it if it's just false positives.
Anything that's a file dropper from an unsigned publisher that also can hook into a process in memory could set off some false positives. Could. But this kind of application is also where I would expect to find some malware.
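
The post's worry that a dropper could falsify file timestamps can be sidestepped by comparing content hashes of the sandbox drive before and after the installer runs, instead of searching by timestamp. The following is an added example, not part of the original post; the file names and contents in `demo()` are constructed.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root):
    """Return {relative path: SHA-256 hex digest} for every file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            digest = hashlib.sha256()
            try:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 20), b""):
                        digest.update(chunk)
                manifest[rel] = digest.hexdigest()
            except OSError:
                manifest[rel] = None  # locked or unreadable: still record the path
    return manifest


def diff(before, after):
    """Classify paths by content, ignoring timestamps entirely."""
    return {
        "added": sorted(p for p in after if p not in before),
        "changed": sorted(p for p in after if p in before and after[p] != before[p]),
        "removed": sorted(p for p in before if p not in after),
    }


def demo():
    """Constructed stand-in for a sandbox run: drop, modify and delete files."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "settings.ini").write_bytes(b"volume=5\n")
        (root / "old.log").write_bytes(b"boot\n")
        before = snapshot(root)
        st = (root / "settings.ini").stat()
        (root / "dropped.bin").write_bytes(b"constructed placeholder")
        (root / "settings.ini").write_bytes(b"volume=9\n")
        # Put the original timestamps back, as a timestamp-faking dropper might.
        os.utime(root / "settings.ini", (st.st_atime, st.st_mtime))
        (root / "old.log").unlink()
        return diff(before, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

In practice, call `snapshot()` on the sandbox drive before and after running the installer and submit the hashes of the added and changed files. It only sees what the running OS exposes, so files hidden from the OS still require comparing the disk image offline.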