09-03-2024, 10:48 AM
DM ON TELE FOR MORE INFO: @barclaysbankhitta
People who aren't familiar with a crypter, all it is a program which can stage your payload in a way which isn't detected. There are plenty of free ones online, I am selling one that if you buy a license (not the source code) i will regularly maintain and update the stub to keep it undedected and add several new features.
At the moment it can take Mimikatz from 64 flags on VirusTotal to 2 flags. Getting to 0 is conceivable and will be a goal at some-point in the future.
As for dynamic analysis (behaviour of the program) windows defender does not catch it there. Paid anti-viruses I have NOT TESTED for dynamic analysis. It shouldn't but it might if so I will be more then enthusiastic to fix it. Some features are
- Encrypts most 32-bit or 64-bit payloads with aes
- Executes them in memory with syscalls (no windows api) on the target
- End result is a .NET assembly which can be built to exe. or a dll and powershell stager to run it inline can be generated.
- Can callback to a tcp server (example given to buyer) to export antivirus, build info, architecture, username and hostname
Some coming features are:
LOL (living of land) capability -> in the registry
Self morphing capabilities -> every time the program runs it becomes more and more obfuscated
my standard price for one license is 0.45 xmr
(source code differs)
People who aren't familiar with a crypter, all it is a program which can stage your payload in a way which isn't detected. There are plenty of free ones online, I am selling one that if you buy a license (not the source code) i will regularly maintain and update the stub to keep it undedected and add several new features.
At the moment it can take Mimikatz from 64 flags on VirusTotal to 2 flags. Getting to 0 is conceivable and will be a goal at some-point in the future.
As for dynamic analysis (behaviour of the program) windows defender does not catch it there. Paid anti-viruses I have NOT TESTED for dynamic analysis. It shouldn't but it might if so I will be more then enthusiastic to fix it. Some features are
- Encrypts most 32-bit or 64-bit payloads with aes
- Executes them in memory with syscalls (no windows api) on the target
- End result is a .NET assembly which can be built to exe. or a dll and powershell stager to run it inline can be generated.
- Can callback to a tcp server (example given to buyer) to export antivirus, build info, architecture, username and hostname
Some coming features are:
LOL (living of land) capability -> in the registry
Self morphing capabilities -> every time the program runs it becomes more and more obfuscated
my standard price for one license is 0.45 xmr
(source code differs)