Simple infector (with UAC bypass + silent autostart)

[golpebaixo123]

Thankss!!

[dkadir]

I made this code for education purpose.
What does it do?
-Disable UAC via regkey
-Adding prepared regkey to ActiveSetup branch (undetectable autostart)
-Copying itselfs onto %CommonProgramFiles%

I know there is better way to disable UAC but i dont publish it here. Why? I suggest to dig around on your own, its better than ctrl+c ctrl+v
This code may alarm AV scanners. Trust me, if you gain some experience, you will find out why e.g. malloc 100M returning NULL on dynamic AV emulation

Ofc, you can write own crypter (better do not release it, will work longer) e.g. changing CALL xxxxx onto spaghetti JMP over the sections. It changing whole structure, but dont break the code.
With this code you can write anything you want to. Bot, keylogger, backdoor, adware shit. You can write some funny shit to, e.q. change ModuleHandle of explorer.exe via PEB and TEB rewrite, or starts any process with Critical process flag.
 

Thank You

[croll]

Just what I was looking for. I hope this method works with Win10.

[javivalle]

thanks

[murave]

ty

[SecondLife]

thanks

[johnmagenta]

nice post, continue

[johnmagenta]

good

[howtf]

ty

[0x27]

thx.