if thing has base64 code for virus, i just delete that line of code and it works? I have found potential thing but it obviously has a rat in the source code
You could’ve saved alot of time by just tunneling your traffic to a proxy and sniffing the outbound and inbound connections to see if they use a server to validate Edit: instead of using 2-3 different tools, just use Ghidra, it’s free too