Can someone tell me if this is true?
If not, why? And how to obfuscate a virus?
video:
I will like every post of yours if you help me.
If you're asking if crypting is possible? Yes.
If you're asking whether this specifically works? No, for two reasons:
1. The site is down so the downloads are unavailable. (They were likely packaged with malware anyway.)
2. The video is a year old. Assuming you use the same version of everything, or even more updated versions, any antivirus will be able to detect it by now.
If you want to crypt binaries to avoid AV detection, you'll need to come up with something else. Some places sell crypters, or just individual crypts for a couple bucks for your file, but most of them will be detected in a few days at least.
The best bet you have at long-term FUD is building your malware yourself, and if that starts getting detected, rewrite it in a more creative way, or write a crypter yourself.
I'm not a fan of the RunPE style of crypters, where the binary is literally just encrypted in .rsrc, decrypted by the stub (.text) and subsequently executed by setting RIP to the decrypted binary in the .rsrc section or whatever.
That kind of behaviour is easily detectable by any AV engine, and even if yours has a different signature, it'll only be a matter of time until they pick up yours.
So if you do decide to create your own crypter, aim a little higher, be a little more ambitious. Virtualization goes a LONG way in improving detectability.
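A defender-side illustration of why the RunPE layout described in the reply above stands out to static scanning, added here and not part of the original thread: an encrypted payload makes `.rsrc` both near-random and most of the file. The thresholds (`min_entropy`, `min_share`), the helper names and the sample PE skeleton are assumptions constructed for this example.

```python
import hashlib, math, struct
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def sections(pe: bytes):
    """Yield (name, raw_bytes) for every entry in the PE section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not a PE file")
    nt, = struct.unpack_from("<I", pe, 0x3C)           # e_lfanew
    if pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    count, = struct.unpack_from("<H", pe, nt + 6)      # NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, nt + 20)  # SizeOfOptionalHeader
    table = nt + 24 + opt_size
    for i in range(count):
        off = table + 40 * i
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)
        yield name, pe[raw_ptr:raw_ptr + raw_size]

def suspicious_resources(pe: bytes, min_entropy=7.2, min_share=0.5):
    """Flag a .rsrc section that is near-random and makes up most of the file.
    Both thresholds are illustrative assumptions, not tuned values."""
    hits = []
    for name, raw in sections(pe):
        h = entropy(raw)
        if name == ".rsrc" and h >= min_entropy and len(raw) >= min_share * len(pe):
            hits.append((name, len(raw), round(h, 2)))
    return hits

def build_sample(rsrc: bytes) -> bytes:
    """Constructed, non-executable PE skeleton: headers, 512-byte .text, given .rsrc."""
    def hdr(name, size, ptr):
        return name.ljust(8, b"\0") + struct.pack("<IIII", size, 0, size, ptr) + b"\0" * 16
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, 0, 0)
    base = len(dos) + len(coff) + 2 * 40
    return (dos + coff + hdr(b".text", 512, base) + hdr(b".rsrc", len(rsrc), base + 512)
            + b"\x90" * 512 + rsrc)

# Constructed inputs: hash output stands in for an encrypted blob, text for normal resources.
HIGH = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
LOW = b"version info and icons " * 180

if __name__ == "__main__":
    print(suspicious_resources(build_sample(HIGH)), suspicious_resources(build_sample(LOW)))
```

Legitimate installers and compressed resources also score high on entropy, so a hit here is a triage signal to combine with behavioural telemetry, not a verdict.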