Can someone explain me what is this

Ok i download a puzzle engine,and always scan,when i make exe file this show me in hybrid analysis i am not scared but want to know where to remove this or what,





 

TsukaYuriko

☄️
Forum Staff
Moderator
nsis.sf.net is the (outdated link to the) wiki site of the NSIS install system. It's being flagged as dangerous by one of the AV engines used by the website you're using. I'd say that's about as dangerous as tuna in a can.

f@czg.cyzh is a character sequence that matches the pattern of an email address (name@domain.tld). If I slide my hands across my keyboard dseW$#@QAWSedfcvgbhjhnm,.lkij and then remove all the characters that aren't valid in email addresses dseW@QAWSedfcvgbhjhnm.lkij, you get something that matches this format as well (even the forum software autoformatter thinks it is one). Is it malicious? About as much as the tuna.
The "address" in question isn't even a valid email address, because czg.cyzg is not an email provider, or even a valid website domain at all. It's about as much of a valid email address as my faceroll above.

Why is it in the file? Because a single byte can have a value between 0 and 255 (ASCII range), so there's a chance of getting a pattern where there are letters (which make up a sizable amount of the ASCII range) followed by an @ (1/256 chance), then letters again, then a dot (1/256 again) and letters once more when you're dealing with binary files.
As for why the presence of an email address could be considered malicious... beats me. If I really stretch my imagination, it could be indicative of malware that steals your personal data and then emails it to the author, so it would need to know the email address to send it to. But that's stretching my imagination harder than this bunny.

About the imported APIs... those are features used by the runner. Those same features (changing registry keys, files, running programs...) can be used to write malware. The runner isn't malware, and any game that uses the runner isn't inherently malware unless the developer makes it malware.


So, in total, I'd say the tuna is more dangerous.
 
Last edited:
nsis.sf.net is the (outdated link to the) wiki site of the NSIS install system. It's being flagged as dangerous by one of the AV engines used by the website you're using. I'd say that's about as dangerous as tuna in a can.

f@czg.cyzh is a character sequence that matches the pattern of an email address (name@domain.tld). If I slide my hands across my keyboard dseW$#@QAWSedfcvgbhjhnm,.lkij and then remove all the characters that aren't valid in email addresses dseW@QAWSedfcvgbhjhnm.lkij, you get something that matches this format as well (even the forum software autoformatter thinks it is one). Is it malicious? About as much as the tuna.
The "address" in question isn't even a valid email address, because czg.cyzg is not an email provider, or even a valid website domain at all. It's about as much of a valid email address as my faceroll above.

Why is it in the file? Because a single byte can have a value between 0 and 255 (ASCII range), so there's a chance of getting a pattern where there are letters (which make up a sizable amount of the ASCII range) followed by an @ (1/256 chance), then letters again, then a dot (1/256 again) and letters once more when you're dealing with binary files.
As for why the presence of an email address could be considered malicious... beats me. If I really stretch my imagination, it could be indicative of malware that steals your personal data and then emails it to the author, so it would need to know the email address to send it to. But that's stretching my imagination harder than this bunny.

About the imported APIs... those are features used by the runner. Those same features (changing registry keys, files, running programs...) can be used to write malware. The runner isn't malware, and any game that uses the runner isn't inherently malware unless the developer makes it malware.


So, in total, I'd say the tuna is more dangerous.
UF thanks man i was afraid,i always scan,but thanks again :) i know how malware work little :D thanks man i buy you virtual coffe
 

TsukaYuriko

☄️
Forum Staff
Moderator
I'm not attacking tuna, the tuna attacked me... one time when I misjudged the amount of force needed to gently open the fridge door, it sent a loose can of tuna flying at me at mach speed and it hit me directly on the forehead. (That may explain why something has been seriously wrong with me ever since my childhood, now that I think about it...)
Threatuna would be proud.

I still have nightmares about it and have been opening the fridge door with the utmost care in the world ever since. It's better to be careful. I guess that's the moral we can take away from this topic as a whole.
 

Rob

Member
I can attest to the ferocity of canned tuna.
A little-known war has been raging in Oswaldtwistle, England.
Too small to be reported on but big enough that there's usually a pitched battle between the residents and the Tesco delivery guy each Thursday as he unloads his dangerous cargo.
After much intelligence work, mainly consisting of a single conversation with the store manager, it was discovered that the only reason this Tesco even stocks canned Tuna is because Mrs Dribble at number 42 has a REAL hankering for them.
Oswaldtwistles' nemesis has been revealed!
The plot thickens...
 

tetris_mess

Member
Rather than make a complaint to all of you about the posts in your thread, I have a question since I'm in the midst of very qualified developers:

Is there any amount of passion, and drive in doing your work, that would lead you away from doing your jobs? I'm just one of those sensitive people who ask questions like this, since this is a matter of complexity, and "tuna" and "rabbits" don't express an understanding of the vague qualities of simple arithmetic placed into values that are clearly understandable to all people.

I want to see some commitment. Show it to me...like yesterday...the tuna shouldn't be in a can right now...let it out...
 
Top