This is my first experience making a crypter. This software gets .Net EXE file and outputs .cs uncompiled stub code This project is still a WIP. I'm working on it whenever I have free time. In the future i'll try to improve the detection rate.
Currently working on my own implementations of process-hollowing
I've tested it using antiscan.me with r77 rootkit compiled executable.
Before Crypt:
After Crypt:
- XenCrypt Project - Inspiration for how the crypter should work.
- gigajew - Reflective Loading/Load Assembly code to run the exe in memory.
- Internet Articles - For knowledge on the topic and simple evading methods ideas.