- Joined
- Jan 8, 2019
- Messages
- 56,623
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,456
- Points
- 2,313
- Credits
- 32,750
6 Years of Service
76%
Implementation of a malicious dropper of your executable bytes under VBS scriptlets, with some minor functions. The essence of the implementation is quite trivial, your executable file is encoded in base64 format and placed in the dropper stub, and actually when launched it is decoded and depending on the options it is decided where it will be extracted and launched. The script also has support for obfuscation of the final dropper. More details below.
Features
Payload encoding: Malware Bytes encoded to base64.
Hide-File: Method of hiding a file after dropping it on a physical disk.
Obfuscation-Engine: Obfuscation engine for final vbs-stub.