
Best way to keep malware up consistently?

who

HDD-drive
Banned
Registered: 30.08.2023
Messages: 41
Reactions: 2
Please note that this user is banned
I have an EV certificate and I've signed either my .exe which runs a stealer then it drops hVNC, I put this .exe on a Dropbox URL and it seems to last maximum 28 hours before Chrome detects it, same with Windows. What is a way I can keep this up without having to spend almost 4 figures every day recrypting? And how can I avoid these detects? Should I put the .exe in a zip with a password? How can I make this not look messy? Does Dropbox scan files? How do people get a reputable domain?
 
Okay, first, the startup method that your exe uses: if it uses registry keys, Defender would kill it.
2nd, I would suggest using a feature like adding your file to the Defender exclusion list (can be done through PS or inside the exe by the coder).
3rd, I think Dropbox is not a good option; use your own hosting and domain name.
Also, which encryption method do you use? If it's a cheap random encryption it would not last; also, you need someone to encrypt only for you.
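A defender-side view of the two behaviours named in the reply above (registry-based startup and changes to the Defender exclusion list), as an added example that is not part of the thread. It assumes events have already been reduced to a simplified `id`/`text` form, a hypothetical format; the event IDs are PowerShell script block logging (4104), Defender configuration change (5007) and Sysmon registry value set (13), and the sample events are constructed.

```python
import re

# Constructed sample events in a simplified, hypothetical {"id", "text"} form.
SAMPLE_EVENTS = [
    {"id": 4104, "text": r"Add-MpPreference -ExclusionPath 'C:\Users\Public\app'"},
    {"id": 5007, "text": r"New Value: HKLM\SOFTWARE\Microsoft\Windows Defender"
                         r"\Exclusions\Paths\C:\Users\Public\app = 0x0"},
    {"id": 13, "text": r"TargetObject: HKU\S-1-5-21-0\Software\Microsoft\Windows"
                       r"\CurrentVersion\Run\Updater"},
    # Benign look-alikes that must not fire:
    {"id": 4104, "text": "Get-MpPreference | Select-Object ExclusionPath"},
    {"id": 13, "text": r"TargetObject: HKLM\SOFTWARE\Vendor\App\Settings\Theme"},
]

# (rule name, event id it applies to, pattern over the event text)
RULES = [
    ("defender_exclusion_cmdlet", 4104,
     re.compile(r"\b(Add|Set)-MpPreference\b.*-Exclusion(Path|Process|Extension)\b",
                re.I | re.S)),
    ("defender_exclusion_registry", 5007,
     re.compile(r"\\Windows Defender\\Exclusions\\(Paths|Processes|Extensions)\\",
                re.I)),
    ("run_key_write", 13,
     re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)),
]

def detect(events):
    """Return (event index, rule name) for every rule that matches an event."""
    hits = []
    for idx, ev in enumerate(events):
        for name, event_id, pattern in RULES:
            if ev["id"] == event_id and pattern.search(ev["text"]):
                hits.append((idx, name))
    return hits

if __name__ == "__main__":
    for idx, name in detect(SAMPLE_EVENTS):
        print(f"event {idx}: {name}: {SAMPLE_EVENTS[idx]['text']}")
```

Run-key writes are also made by legitimate installers, so that rule is a triage signal to correlate with the exclusion rules rather than an alert on its own.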
 
Please note that this user is banned
First, as black-codes said, check whether the exe is calling reg keys. BIGGEST red flag. Second, Dropbox does indeed analyze the files, so I wouldn't recommend using Dropbox at all, rather use some open source or an "indie" file host/share site, in my personal opinion fileLu, cheap and reliable ( ig ). In terms of crypting, I own a crypt and a reg exploit, and as a developer, files getting analyzed by customers, VirusTotal or many Google downloads is one of, if not the biggest, problems we face. Zipping + password to your stubs kind of fixes the issue (?). They at least stop files from getting analyzed by Google or email, but again, it does not fully fix the problem, just adds makeup and sparkles to it. Conclusion, to keep your malware up, you gotta keep up with security solutions. Simple as that. In terms of "product", the most stable solution for evasion and long-lasting stubs is a reg exploit. They are ahead of the rest of the tools; the problem with .reg exploits is that they are Windows Defender focused, they should be FUD to static analysis ( if someone sells you a reg exploit with an avcheck.net score higher than 1, you are getting scammed ), but runtime is a whole different story and reg exploits do not compete with the other solutions. Hope this information suits you well. I'll answer any question you might have from now on ;)
 

