Hi, I'm looking for good file binder source code in C++ using pure WinAPI. I want to study the topic, so any other thread or resource about file binder techniques is also appreciated.
Are there better methods? I know sometimes PE code caves are used to make binders.

Hi, I'm here to enlighten you.
You need to create a stub to store the malware and the legitimate exe, for example. Look at this doc, it can help you: https://docs.microsoft.com/en-us/windows/win32/menurc/using-resources
And after seeing how you want to launch these files, you can read these files in the resources and launch them in memory.

Thank you, do you know if shellcode droppers are detectable by antivirus? I remember that years ago all shellcode droppers were FUD, is the situation still the same?

You can also put your PE in the .text or .idata section of a legitimate PE.
Look on GitHub for droppers, you will find what you need.

This depends on the functions used, and the evasion techniques used to bypass the EDRs.
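
For anyone reading this from the detection side, here is an added example (not posted by anyone in the thread): a Python triage check that looks for a second PE header stored in plain form inside a file and reports which section of the host it sits in, which covers the resource and .text/.idata placements mentioned above. The function names and the sample bytes are constructed for illustration.

```python
import struct

def pe_sig_offset(data, off):
    """PE signature offset if a plausible DOS header starts at off, else None."""
    if data[off:off + 2] != b"MZ" or off + 0x40 > len(data):
        return None
    pe = off + struct.unpack_from("<I", data, off + 0x3C)[0]  # off + e_lfanew
    if not 0x40 <= pe - off <= 0x1000 or data[pe:pe + 4] != b"PE\0\0":
        return None
    return pe

def host_sections(data):
    """Section table of the outer image as [(name, raw_offset, raw_size)]."""
    pe = pe_sig_offset(data, 0)
    if pe is None or pe + 24 > len(data):
        return []
    count, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    table, out = pe + 24 + opt_size, []
    for ent in range(table, min(table + 40 * count, len(data) - 39), 40):
        name = data[ent:ent + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_off = struct.unpack_from("<II", data, ent + 16)
        out.append((name, raw_off, raw_size))
    return out

def find_embedded_pe(data):
    """[(file_offset, section_name)] for each PE header after the host's own."""
    secs, hits = host_sections(data), []
    pos = data.find(b"MZ", 1)
    while pos != -1:
        if pe_sig_offset(data, pos) is not None:
            where = next((n for n, o, s in secs if o <= pos < o + s), "overlay")
            hits.append((pos, where))
        pos = data.find(b"MZ", pos + 1)
    return hits

def fake_pe(secs=(), size=0x200):
    """Constructed sample: bare DOS+PE headers only, not a loadable image."""
    buf = bytearray(size)
    buf[0:2], buf[0x40:0x44] = b"MZ", b"PE\0\0"
    buf[0x3C], buf[0x46] = 0x40, len(secs)  # e_lfanew, NumberOfSections
    for ent, (name, off, sz) in zip(range(0x58, size, 40), secs):
        buf[ent:ent + len(name)] = name
        struct.pack_into("<II", buf, ent + 16, sz, off)
    return bytes(buf)

def sample_host():
    """Constructed host: one fake PE inside .rsrc, one appended as overlay."""
    head = fake_pe(((b".text", 0x200, 0x200), (b".rsrc", 0x400, 0x400)))
    inner = fake_pe(size=0x100)
    return head + bytes(0x280) + inner + bytes(0x280) + inner
```

A hit in `.rsrc` can be a legitimate installer, so treat the result as a reason to inspect the file further rather than a verdict. The check only sees images stored as-is; compressed or encoded resources need entropy or unpacking-based analysis instead.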