3.10 star(s) 36 Votes

lekhanhdu

New Member
Jul 18, 2019
5
4
33
Yes, I did what you said. Then I found it in the central park near the train station. Then it came in front of my house and disappeared again. It's not there behind the house. This cat drove me crazy.
Open the trash can at the entrance of the alley. Then you will see a trash bag, click it multiple times and the cat will appear and run away (end mission)
 

YAT9T

Formerly 'xdxdxdxdxdxdxxd'
Oct 2, 2021
144
96
104
Open the trash can at the entrance of the alley. Then you will see a trash bag, click it multiple times and the cat will appear and run away (end mission)
Will there be new missions later? Currently, I only have this and training with Leila. I don't have any other missions and there are scenes I haven't seen.
 

StapleComm

Well-Known Member
Apr 24, 2020
1,075
1,054
338
Confirmed there was a virus (on a previous version, OP links are ok now), no idea what it does, probably some kind of stealer, didn't look like it wanted to run itself again, but do change your passwords please and consider system cleanup/reinstall
Man, I have so many accounts, changing passwords will be a pain
 

Uncle Eugene

Active Member
Modder
Respected User
Jun 6, 2020
602
4,583
426
How did you figure out it was a stealer, because my Windows Defender didn't say anything about it. I even did a Full scan and it found nothing
I've found where it comes from, got the domain, got the payload, cmd and executable it unpacks, analyzed its behaviour. But I can't be sure it's a stealer. It's just... Like... 70% certainty guess

Now I'm thinking about creating a plugin for Unity games you could install on top of any game to get high chances of my code detecting and blocking the virus, if it was there, before it does anything
 

StapleComm

Well-Known Member
Apr 24, 2020
1,075
1,054
338
I've found where it comes from, got the domain, got the payload, cmd and executable it unpacks, analyzed its behaviour. But I can't be sure it's a stealer. It's just... Like... 70% certainty guess

Now I'm thinking about creating a plugin for Unity games you could install on top of any game to get high chances of my code detecting and blocking the virus, if it was there, before it does anything
And no idea what it would steal either, right?
 

megamind8

New Member
Jul 28, 2023
11
61
146
I've found where it comes from, got the domain, got the payload, cmd and executable it unpacks, analyzed its behaviour. But I can't be sure it's a stealer. It's just... Like... 70% certainty guess

Now I'm thinking about creating a plugin for Unity games you could install on top of any game to maximize the chances my code will detect and block the virus, if it's even there, before it does anything
Can you share the executable, also where did you find it. I would like to look into it as well. I'm not that experienced with analyzing malware, but maybe I can find something and also I would feel better if I knew 100% what it does.

The plugin idea is good, maybe it's possible to block the application from making requests/connecting to the internet in any way by hooking functions or something. I'm not sure if it's possible.
 

slymfuryy

Newbie
Oct 1, 2021
48
30
142
I'm done with everything except the Lila quest. I found 3 magazines: one in the alley, soda machine and overlook. Where's the last one?
 

Uncle Eugene

Active Member
Modder
Respected User
Jun 6, 2020
602
4,583
426
And no idea what it would steal either, right?
Correct
Can you share the executable, also where did you find it. I would like to look into it as well. I'm not that experienced with analyzing malware, but maybe I can find something and also I would feel better if I knew 100% what it does.

The plugin idea is good, maybe it's possible to block the application from making requests/connecting to the internet in any way by hooking functions or something. I'm not sure if it's possible.
Not sure if you can download attachments from other people's DMs, but I'll try to send it in DM
Would be cool to know what it does, but I'm not that experienced either, so it is what it is

Hooking functions is what I was thinking about. Meanwhile I've done the first iteration of this hook that successfully blocks this virus (and likely many others) from executing. Not yet ready to create a post about it, but I'll drop it here so you may use it already to be extra safe. It will only work on Unity Mono games and only block the most suspicious calls as of this version

Install: unpack to game folder where .exe file is located
Usage: if anything too sus happens you'll get a message window and game will shut down, your antivirus can take it from there. Probably should be viable against every current virus since the virus devs don't yet know about this patch and didn't come up with any workarounds. And I assume it's 1 person or group and their methods should be pretty much the same along every infection
 

Uncle Eugene

Active Member
Modder
Respected User
Jun 6, 2020
602
4,583
426
lol antivirus patch was marked as virus what a time to live in

I'm too lazy to repack it so either don't use it or unpack and scan the files themselves, it's something with archive it's shitting about. But I strongly recommend to read the source code of a plugin to know exactly what it does
 

Uncle Eugene

Active Member
Modder
Respected User
Jun 6, 2020
602
4,583
426
Well if you executed the virus from this game it creates 2 exe files and 1 cmd file all of which are part of the virus code chain, so it is very possible you just found yet another part of the same virus
 

StapleComm

Well-Known Member
Apr 24, 2020
1,075
1,054
338
Well if you executed the virus from this game it creates 2 exe files and 1 cmd file all of which are part of the virus code chain, so it is very possible you just found yet another part of the same virus
I think so, yeah. Took 9 fucking hours for a full scan. Even pulled out Ethernet cable just to be safe, although no clue if that was a good idea.

Just to be sure, the name is Sabsik.TE.A!ml
 