Im looking for any good cracked packer (themida, enigma), which i can use for obfuscating malware.
-
XSS.stack #1 – первый литературный журнал от юзеров форума
using any of those will make EDR and antivirus jingle like it's christmas time...you can use them to protect a commercial (better if digitally signed) executable...an example is themida who had to make a special section (.taggant) just to store a digital signature with compliant AVs. For malware...this is a very bad idea. The entropy would be really high, same with hooked calls and use of WriteProcessVirtualMemory etc...think that again. Get yourself a crypter, or use a malware that features a builder that would take care of the obfuscation. None of these would however stop reversing it without much effort by an experienced reverser.
/NR
/NR
- Автор темы
- Добавить закладку
- #3
Your right, but all crypters are expensive as f_ck
I have private ink builder (2/26) but it need direct hosting, and direct hosting scanning my stealer (14/26) and wont allow to host it.
You you know any direct link hosting?
I understand you're maybe new in this field, but if you leave your malware as-is, without properly obfuscating it, i think it's quite obvious that is going to trigger some AV. Additionally, if your IP is already flagged as malicious or distributing malware you will never get through AV or even anti-spam filters.
You can try and contact me on TOX, let's see if I can help you someway. You could also try yourself with some crypter whose you have source code for and changing the encryption stub. That should help you in lowering the AV score.
You can try and contact me on TOX, let's see if I can help you someway. You could also try yourself with some crypter whose you have source code for and changing the encryption stub. That should help you in lowering the AV score.
- Автор темы
- Добавить закладку
- #5
Thanks, already found method
