How good would be this crypter?

god osiris · 30.12.2023

Hey dudes,
I'm coding a very simple crypter.
This crypter read the bytes from encrypted malware in AES then inject the bytes in memory Calc.exe process, written in Go, so the final malware its fileless.
There are some debugging and VM evasion methods.

Does it enough to be sold?

secidiot · 30.12.2023

Это ничего не стоит, к сожалению( Таких проектов очень много на github.

god osiris · 30.12.2023

secidiot сказал(а):

Это ничего не стоит, к сожалению( Таких проектов очень много на github.

Even with anti debug and anti-VM?

secidiot · 31.12.2023

god osiris сказал(а):

Even with anti debug and anti-VM?

Если это паблик методы, что скорее всего так и есть, то это тоже стоит ровно ноль.

DimmuBurgor · 31.12.2023

god osiris сказал(а):

Hey dudes,
I'm coding a very simple crypter.
This crypter read the bytes from encrypted malware in AES then inject the bytes in memory Calc.exe process, written in Go, so the final malware its fileless.
There are some debugging and VM evasion methods.

Does it enough to be sold?

Nevermind the cause, but focus on the effect of such works. Namely, is the detection significantly impacted? This will establish it's market value

BlueHairLiberal · 03.01.2024

You can add code obfuscation/mutation and/or control flow flattening to your code. Try the final payload against AV on a VM and see if there's any detections. you can probably get something FUD and that generates an unique payload every time but i don't think it'll be enough for big projects/selling

thecount · 08.01.2024

BlueHairLiberal сказал(а):

You can add code obfuscation/mutation and/or control flow flattening to your code. Try the final payload against AV on a VM and see if there's any detections. you can probably get something FUD and that generates an unique payload every time but i don't think it'll be enough for big projects/selling

check pm

DildoFagins · 08.01.2024

god osiris сказал(а):

Does it enough to be sold?

It would sell well... if we were still living in 2009)). And also crypter in go that works with uncompressed payload data would add like 1mb to the size of initial payload (unless you are using tinygo or something), which doesn't really add points to your crypter.

gulak · 08.01.2024

DildoFagins сказал(а):

It would sell well... if we were still living in 2009)). And also crypter in go that works with uncompressed payload data would add like 1mb to the size of initial payload (unless you are using tinygo or something), which doesn't really add points to your crypter.

he need to use EV to be advance crypt ?

god osiris · 09.01.2024

DildoFagins сказал(а):

It would sell well... if we were still living in 2009)). And also crypter in go that works with uncompressed payload data would add like 1mb to the size of initial payload (unless you are using tinygo or something), which doesn't really add points to your crypter.

humm.. ok, got the point...
Seems that earn some BTCs with coding is more and more harder!
Or I code some big fucking master RaaS or I wont earn money with my powershell/python/Go skills hehe

gulak · 09.01.2024

god osiris сказал(а):

humm.. ok, got the point...
Seems that earn some BTCs with coding is more and more harder!
Or I code some big fucking master RaaS or I wont earn money with my powershell/python/Go skills hehe

Raas is Hard work

How good would be this crypter?

god osiris

HDD-drive

secidiot

Threat Actor

god osiris

HDD-drive

secidiot

Threat Actor

DimmuBurgor

CPU register

BlueHairLiberal

floppy-диск

thecount

ripper

DildoFagins

TPU unit

gulak

ripper

god osiris

HDD-drive

gulak

ripper