SoaR Router
@_routers
shooter @soargaming | @KurosunCo @GLSSWRKSGG | @jor4c @badisafk @rrewnd

I had some people DM me and tag me on this post to determine if it's malware or "slop". Using the software requires providing billing information prior to downloading the trial. I got mildly annoyed by this and contacted support. I requested access to the binary without needing to provide billing information. Their support team was ... actually very, very, very polite and nice. I was kind of taken aback by how polite they were. They provided me the software with a 60 day trial. I can't tell if they know I do malware development and reverse engineering because (usually) places are hesitant to just give me stuff like this on a platter. I would feel bad if I was hyper-critical of this product because of how polite the person running this profile is, they're just a chill dude.

To be direct:
- Is this malware? No.
- Is this slop? Probably not, no.
- Does this actually improve FPS? Yes, unironically.

However, it is very important you realize this software is changing the voltage and clock speed on your machine (among other things). They're achieving this in a legitimate way by working with AMD and Intel with actual SDK (Software Development Kit) documentation.

This product went to great lengths to secure its source code. It has junk code insertion, in-memory patching (stubs), junk variables, control flow obfuscation, and it also does device fingerprinting to ensure you don't steal their product. All of this was performed using professional anti-reverse engineering products. It was a real pain in my balls to deal with. I got mildly irritated at several points. Some strings are AES256 encrypted and decrypted when needed (run-time lazy loading), making static analysis even more difficult. Despite all of this, none of it is malicious. They just don't want nerds stealing their stuff. At first glance, however, it does use methods similar to malware to avoid reverse engineering.

The application UI is also incredibly heavy. It is using the latest and greatest .NET UI stuff to make it look super cool and gamer-like. It launches from HyperTune.exe, which then loads the actual (super obfuscated) HyperTune.dll using HOSTFXR (Google it). The obfuscation tools they used disassembled and fractionated the application entry point (and subsequent functionality) down into 1,618 other functions (see attached image). The only saving grace was the visibility into its dependencies and other 3rd party libraries it uses (Realm for local settings saving, Sentry for logging errors, SimpleInjector for handling classes they use, etc.).

I won't go into full details on how their product actually works, I would feel bad because of support dude being a chill dude, but here is my main criticism:
- Loading of kernel-mode drivers from vendors for overclocking. They load AMD and Intel drivers based on your hardware profile on your machine. However, the driver configuration settings are set to AUTOSTART. Hence, once you use this software, these kernel-mode components will auto-start even if HyperTune is not running. Additionally, uninstalling HyperTune will not uninstall these kernel-mode components. These kernel-mode components come by default with the installer in a directory called /3p/ but move to SYSTEM32 after installation (as they should be).
- For reasons I do not understand, HyperTune modifies HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU ... it disables automatic updates from Windows. I don't know why. My presumption is this could prevent potential driver conflicts, but if not managed correctly this exposes users to security vulnerabilities.

Did they actually spend $1,000,000 developing this? With a full development team, infrastructure they're using (Sentry, VERCEL, enterprise and professional anti-reverse engineering tools, etc.) ...maybe...?


75% of gamers are limited by their FPS. We spent $1,000,000 to even those odds.
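A read-only PowerShell audit for the two leftovers the post describes (the WindowsUpdate\AU policy key and vendor kernel drivers left on autostart), added here as an example and not code from the post or from HyperTune. It assumes NoAutoUpdate and AUOptions, the standard policy value names under that key, and treats "signer is not Microsoft" as a heuristic for third-party drivers.

```powershell
# Added audit script, not HyperTune's code. Run from an elevated PowerShell
# prompt on a machine that has had HyperTune installed. It changes nothing.

# 1. The Windows Update policy key the post says HyperTune modifies.
$auKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
if (Test-Path $auKey) {
    $au = Get-ItemProperty -Path $auKey
    # NoAutoUpdate = 1 switches automatic updating off; AUOptions (2-5) selects
    # the notify/download/install behaviour. Both are documented policy values.
    Write-Host 'WindowsUpdate\AU policy key is present:'
    $au.PSObject.Properties |
        Where-Object { $_.Name -notlike 'PS*' } |
        ForEach-Object { Write-Host ("  {0} = {1}" -f $_.Name, $_.Value) }
    if ($au.NoAutoUpdate -eq 1) {
        Write-Warning 'Automatic Windows updates are disabled by policy. Remove the value or set it to 0 to restore them.'
    }
} else {
    Write-Host 'No WindowsUpdate\AU policy key: automatic updates are not policy-disabled.'
}

# 2. Kernel drivers that start on their own (Boot/System/Auto) rather than on
#    demand. The post says the overclocking drivers are set to autostart and
#    survive uninstall, so list autostart drivers whose Authenticode signer is
#    not Microsoft and review each one. Caveat: drivers signed only through a
#    WHQL catalog can report Microsoft as signer, so this is a starting point.
Get-CimInstance Win32_SystemDriver |
    Where-Object { $_.StartMode -in 'Boot', 'System', 'Auto' -and $_.PathName } |
    ForEach-Object {
        # Normalise the NT-style paths WMI returns (\??\C:\... or \SystemRoot\...).
        $p = $_.PathName -replace '^\\\?\?\\', '' -replace '^\\SystemRoot', $env:SystemRoot
        if (-not [System.IO.Path]::IsPathRooted($p)) { $p = Join-Path $env:SystemRoot $p }
        $sig = if (Test-Path $p) { Get-AuthenticodeSignature -FilePath $p } else { $null }
        $signer = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject }
                  else { '<unsigned, catalog-signed or file missing>' }
        [pscustomobject]@{
            Driver    = $_.Name
            StartMode = $_.StartMode
            State     = $_.State
            Signer    = $signer
            Path      = $p
        }
    } |
    Where-Object { $_.Signer -notmatch 'Microsoft' } |
    Sort-Object Driver |
    Format-Table -AutoSize
```

Anything in the second listing that arrived with an uninstalled tool can be stopped and removed with `sc.exe stop <name>` and `sc.exe delete <name>` once you have confirmed nothing else depends on it.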


I really wanna stay in the US but my Visa expires soon :/ Anyone know of any jobs in the Dallas/LA areas (Construction/Project Management, Civil Engineer, E-Sports, Media + Marketing, Editing, PA, anything) It's impossible to get hired over US citizens without a connect :/