Skip to content
Discussion options

You must be logged in to vote

More a less - yes. Malicious actors will take the source, add their malware, compile it and upload it to Mega, Discord or some other file sharing site and spread it through Telegram, YouTube, Discord etc etc. They'll target Yimmenu, Menyoo etc because they know it's popular and it'll be easy to convince someone to load it up without thinking.

An antivirus will scan and look for bits of code which does not change similar to how Yimmenu makes memory patterns so it can patch addresses or hook things. AVs function in a similar way. It's scanned the malicious Yimmenu DLL, found some areas which are unlikely to change and made detections for it. The problem is those sections where the AV's have…

Replies: 5 comments 4 replies

Comment options

You must be logged in to vote
2 replies
@Undefxned
Comment options

@Hygoprog
Comment options

Comment options

You must be logged in to vote
2 replies
@Hygoprog
Comment options

@FIying-Scotsman
Comment options

Answer selected by Hygoprog
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
6 participants