Skip to content
/ Evader Public

Packer (actually a crypter) for antivirus evasion implemented for windows PE files (BSc-Thesis)

103 stars 27 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

KooroshRZ/Evader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
Packer
Packer
 
 
UnpackStub
UnpackStub
 
 
.gitignore
.gitignore
 
 
Evader.sln
Evader.sln
 
 
README.md
README.md
 
 

Repository files navigation

Evader

========

It's an exe packer (and a crypter) which will encrypt your PE exe input file and add it as resource to the end of the output new exe file The encryption key size and complexity can be given as input

Usage of packer (Encryption)

packer.exe <input-path> <output-path> <key-size> <start-ascii> <end-ascii>

The complexity of encryption key will be determined by and

for example this command will lead to keys from AAAA to ZZZZ

packer.exe <input-path> <output-path> 4 65 90

The Decryption part

Decryption isn't like other packers stub and it's based on bruteforcing and examining each character to retrieve the encryption key! why!?

And after retrieving key the encrypted payload will be decrypted and will be run directly inside memory and in form of char[] whcih is contained each byte of the main PE file!

Credits

https://www.codeproject.com/Articles/5035/How-to-Write-a-Simple-Packer-Unpacker-with-a-Self https://www.youtube.com/watch?v=bQWRW0VUXR4

About

Packer (actually a crypter) for antivirus evasion implemented for windows PE files (BSc-Thesis)

Topics

packer evasion crypter antivirus-evasion

Resources

Readme
Activity

Stars

103 stars

Watchers

4 watching

Forks

27 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages