Подскажите как сделать криптор

[DoomSlayer2002]

Я совсем немного знаю си и плюсы, сейчас читаю материалы про методы LoadPE и RunPE и вроде более менее про это я понял... Но про стабы нигде не могу найти толковую информацию подскажите

1) Какой алгоритм для шифрования лучше выбрать?
2) Сам стаб который будет дешифровывать код LoadPE или RunPE с кодом криптуемого файла, как его сделать каждый раз уникальным? Делать какой-то алгоритм для генерации мусорного исходного кода ?
3) На основе каких факторов контролировать энтропию, я понял что от энтропии зависит палевность файла для антивирусов, как определить нужное соотношение?
4) Каким образом осуществлять антиэмуляцию, неужели авторы крипторов исследуют все антивирусы и смотрят в дизассемблере как работает эмулятор?

P.S. Было бы круто увидеть мнение человека который на постоянке криптует)

 

[mose3c]

so easy all you need is skills in c / c ++ and follow my steps you will you'r first fud crypter

Alogrithem to encrypt your payload you can use AES256 or RC4

All done you encrypt your payload with any algorithem the next step is to load the encrypted payload in you'r stub using: CreateFile, ReadFile
and decrypt it in memory

and know you can now process hollowing the decrypted payload in memory to distenation image

by creating new suspended process, get the peb address and then read distantion image address
for x86 it will be after 8 bytes and the image address size is 4 so readprocessmemeory

ten unmount view of section

copy you'r image start the threads resume the process,
#note some images need to relocation the headers

#github this will help very well:
process hollowing without encryption https://github.com/m0n0ph1/Process-Hollowing

if you want to add encryption to the project just choose your encryption and add it to your project

If you need any help dm i will help you to make you'r first crypter


finaly : you have to know the AV/EDR now use kernel call back and etw to detect the malwares so you need more skills , like using direct sys calls and other jobs not easy but you have to try

 

[DoomSlayer2002]

so easy all you need is skills in c / c ++ and follow my steps you will you'r first fud crypter

Alogrithem to encrypt your payload you can use AES256 or RC4

All done you encrypt your payload with any algorithem the next step is to load the encrypted payload in you'r stub using: CreateFile, ReadFile
and decrypt it in memory

and know you can now process hollowing the decrypted payload in memory to distenation image

by creating new suspended process, get the peb address and then read distantion image address
for x86 it will be after 8 bytes and the image address size is 4 so readprocessmemeory

ten unmount view of section

copy you'r image start the threads resume the process,
#note some images need to relocation the headers

#github this will help very well:
process hollowing without encryption https://github.com/m0n0ph1/Process-Hollowing

if you want to add encryption to the project just choose your encryption and add it to your project

If you need any help dm i will help you to make you'r first crypter


finaly : you have to know the AV/EDR now use kernel call back and etw to detect the malwares so you need more skills , like using direct sys calls and other jobs not easy but you have to try

Thank you i already DM you

 

[mose3c]

Thank you i already DM you

Ok freind .