Jump to content
Usr6

Writing a File Infector/Encrypter

By Usr6, in Tutoriale in engleza

Recommended Posts

Usr6 Newbie

Usr6

Posted
Posted

These next series of posts will focus on explaining a file infector/encrypter that I wrote a week ago or so. It works with any PE32 executable file, overcomes issues with randomized base addresses, and takes advantage of Visual Studio’s C++ compiler to generate the assembly code to inject into the target. This allows for large portions of the injected code to be written in C and greatly speeds up development time. Lastly, the target file is also encrypted by the infector and the decryption routine is written in to decrypt the file image at runtime. The series will be broken up into the four parts listed below:

  • Background

Online PDF
  • PE file modification/section injection

Online PDF

  • Writing the compiled stub

Online PDF
  • Full source code and remarks

Online PDF

The source code and compiled sample can be found here

A Visual Studio 2010 project can be found here

  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...