Does anyone here know how to obfuscate an EXE file to send it by email? For example, send a doc file or an Excel file; when the target opens it and accepts the macro execution, it is going to download the exe and run it.
thanks!
thanks!
I'm also interested to learn the same thing to spread it through e-mail in a pdf. If you have found any solution I will be happy if you'll let me know.
Hi, I can make you a .doc that downloads and executes an exe file without any AV detection, DM me
Hi friend! Will need a bit more clarification! You are trying to send the EXE directly in the email? Or it's a macro you have that will run it? Either way, you will need to do a number of techniques to ensure your EXE isn't caught. Normally this involves extracting the .text section and then putting it into a loader. Public loaders are generally always signatured and caught, but a private loader that is well made will get you right by any defenses!
but even with good loader you need to obfuscate the payload, right?
Yes many don't understand this. Example in Cobalt we use a sleep mask...but if your payload is just a stealer, no Loader on the planet will help you. The more known your stealer is the less success you will have. Developing a stealer with unique stubs and sleep obfuscation would be very good
you don't need to sleep and other obsec things with stealer, just one click and move on, but using Rat "c2" will be difficult because you need persistence option in your Operation to succeed
Price? And exe work after target turn on macros in .doc?
macro is not good way to try bypass AV Or EDR
why?
70$ exe gets saved in temp folder and executed, there is also a persistence function
are you doing crypt service?
Nope sry, but I sell malware that makes defender exclusion for whole Partition and then downloads and executes payload. ALL WITHOUT ADMIN RIGHTS! PM me if you are interested.
you mean downloader "loader"
You can use latest cobalt strike version and create yourself undetected payloads that you can send via email just by using free open source tools from github.
Don't pay for crypting service since there is no guarantee that tomorrow it will not get caught by AV/EDR. If you want to learn, then you need to try.
Good luck with your journey.
crypt service is not good but free tool shared for public on github good? how is that
Thank you for the free guide
which file format can you send via gmail? I can make fud payloads etc, but I don't have something gmail sendable
Can you tell me more info about this malware?