Thankss!!
Simple infector (with UAC bypass + silent autostart)
#182
Posted 28 April 2018 - 10:29 PM
I made this code for education purpose.
What does it do?
-Disable UAC via regkey
-Adding prepared regkey to ActiveSetup branch (undetectable autostart)
-Copying itselfs onto %CommonProgramFiles%
I know there is better way to disable UAC but i dont publish it here. Why? I suggest to dig around on your own, its better than ctrl+c ctrl+v
This code may alarm AV scanners. Trust me, if you gain some experience, you will find out why e.g. malloc 100M returning NULL on dynamic AV emulation
Ofc, you can write own crypter (better do not release it, will work longer) e.g. changing CALL xxxxx onto spaghetti JMP over the sections. It changing whole structure, but dont break the code.
With this code you can write anything you want to. Bot, keylogger, backdoor, adware shit. You can write some funny shit to, e.q. change ModuleHandle of explorer.exe via PEB and TEB rewrite, or starts any process with Critical process flag.
Thank You
Users browsing this thread: