
.NET Ghom .NET Protection Source Code - Pentest your AV

Status
Not open for further replies.

itsMe


Pro tip: For enabling the primitive emulation bypass or "Anti Memory Scanner", remove the " ' " in line 537 in source.txt.

Its functionality is pretty simple. Some strings are not encoded, so you can do it; this will prevent the source from getting detected too fast.

Used themes:
-Knight theme by byEarn (HF)
-Meth Theme by Mephobia (HF)

All (optional) functions:
- Evade AV detections
- Add Icon
- Add Antis [SandboxieRpcSs, VBoxTray, VBoxService, vmtoolsd, Procmon64, Procmon, ProcessGovernor, ProcessLasso, ProcessHacker, Taskmgr]
- Copy Temp => the process copies its file to the temp folder and restarts at the new location
- Delay => delays the execution of your testing "payload", to bypass some other AV detection techniques, or just delays the execution (maybe detected)
- Autostarts
  - Registry => writes a registry key so your program will automatically start with your system
  - Autostart => copies the file into the autostart folder of the current user.
- File Info => Set the information you can see in the properties.

Hidden:
=>Anti Emulation : will prevent runtime detections
=>USG : changes many variable names to evade detection through static string names
=>Dynamic Editing : only functions that are enabled will be added into the sourcecode of the source.txt
=>Gen Properties : I will present you a way of saving data; with this easy trick, it gets less detected than simple functions that are returning anything...
