Jump to content
devilsystem

LethalSpoofer , change your exe in jpg, avi ,doc, zip,pdf and png

Recommended Posts

Posted (edited)

hello guys ,

Here is a simple tool but very usefull and perfectly working called lethalspoofer

this software is able to change with ease the extension of your server.exe as trusted extension like :

-jpg

-png

-avi

-pdf

-doc

-zip

here is some pictures :

the spoofer itself :

6OtmU.png

the spoofed output file :

6OmQu.png

as you can see on the picture , the extension has been perfectly spoofed and nobody can see it was originaly an Exe as the majority of others spoofer

And it is also important to know that Output's from LethalSpoofer are not .NET dependent so don't requires any net framework :)

Scan of LethalSpoofer :

https://www.virustotal.com/en/file/60e9afc2bd0bec0d57053022668a81f5b92023ddc9d07c5ba428b30ac19bbf1b/analysis/1391876801/

Download link :

// removed

Edited by aelius
Posted

INFECTAT

Startup

LethalSpoofer.exe (PID: 900 MD5: 329E24D4DFDB2CE14672893F30627D6B)

reg.exe (PID: 1940 cmdline: C:\WINDOWS\system32\reg.exe add HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows /v Load /t REG_SZ /d C:\LethalSpoofer.exe /f MD5: C65122B94F7C82065FE86C32CF271F6D)

LethalSpoofer.exe (PID: 1796 MD5: B8E0F3294F6EA051200387DCEDFBEBFF)

DW20.EXE (PID: 1792 MD5: A981419C39CC02259B8F2DA3974000D9)

Joe Sandbox Desktop - Analysis Report 8077

Guest
This topic is now closed to further replies.


×
×
  • Create New...