Smartscreen Bypass?

[GGHTC]

Hi, i have coded some Malware and there are now 0/26 on antiscan.me and Fud by runtime, tested with WD. MalwareBytes and McAfee.

It also bypasses the Browser scan.

Does anyone know, how i can bypass the windows smartsceen as a exe file??

 

[0x4809234098234]

if you can sign with a valid PFX it will bypass. You could also try maybe different format and firing something through LNK

 

[marauda18]

Hi, i have coded some Malware and there are now 0/26 on antiscan.me and Fud by runtime, tested with WD. MalwareBytes and McAfee.

It also bypasses the Browser scan.

Does anyone know, how i can bypass the windows smartsceen as a exe file??

Like the person above mentioned.

Even if the file is FUD, downloading from the internet will add the MOTW by default, so you will need a valid trusted signing certificate to bypass the warning.

The other alternative is to use a legit trusted application already installed in the machine(LOLBINS) to execute your .exe(or .dll), like for example windows shortcuts, using a trusted signed application as parent process. Just send it hidden in a ISO/IMG container or zip file.

Even now showing the MOTW warning, the file will not be blocked by Smartscreen. It's all about the certificate actually, if your payload is clean.