HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Sharperner: generate .NET dropper with AES and XOR obfuscated shellcode

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,604
Solutions
2
Reputation
32
Reaction score
100,446
Points
2,313
Credits
32,560
‎6 Years of Service‎
 
76%
scan.PNG


Sharperner

Sharperner is a tool written in CSharp that generates a .NET dropper with AES and XOR obfuscated shellcode. A generated executable can possibly bypass signature check but I can’t be sure it can bypass heuristic scanning.

Features

PE binary

    Process Hollowing
    PPID Spoofing
    Random generated AES key and iv
    Final Shellcode, Key, and IV are translated to morse code 🙂

.NET binary

    AES + XOR encrypted shellcode
    APC Process Injection (explorer.exe)
    Random function names
    Random generated AES key and iv
    Final Shellcode, Key, and IV are translated to morse code 🙂

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top