Page 1 of 1

[Could someone tell me] The best program for Cloaking/Bindin

PostPosted: Thu Jan 06, 2011 4:18 pm
by ronokae
Alright. So for testing. I have Ardamax keylogger and about literally 20+ more keyloggers.
I have a few RATs, and other tools and etc.

What I need to know, are the best program(s) for Encryption/Cloaking. (I've learned that they are both the same thing, forgive me if I'm wrong)
and for Binding ( like joining to files to 1).

Say I made a Keylogger or RAT Executable file, what could I use or how would I attach it to another file of the same or different type (if at all possible)
so that when one is opened so is the other.
And what could I use or how would I "cloak" it so that not detectable by most or all programs, I've used Obsidium before, it was well but with some keyloggers it screws up the EXE
So if anyone has any bright ideas it would be appreciated

Re: [Could someone tell me] The best program for Cloaking/Bi

PostPosted: Thu Jan 06, 2011 4:53 pm
by Sethioz
i have same question myself actually, but i have never done any research about it. just to clearify things, im interested just in the merging part, how to join 2 .exe files, im sure its extremely easy if i would just google. its not my project yet, so im not rushing ahead of myself.

for now, ardamax has this function built-in, but it also fucks up some .exe files, which makes me think that not all .exe files can be merged with other.

as for cloaking, its more or less impossible using encryption / packer. because on the moment it is unpacked / decrypted (im not talking about zip or rar), then signature will show and AV will detect it. im talking about .exe packers and encryptors, which leave the file as .exe, but it is packed or encrypted or both and it unpacks/decrypts automatically upon execution and it doesnt give any alerts like unpacking or decrypting, as from user view, it is as normal .exe.
so it only helps to prevent scanners from detecting it, but upon execution it gets detected and all anti-viruses will block access to this file when it gets detected. so encrypting / packing .exe is useless.
what i suggest, is to remove the signature from your malware. ive heard storys that you can split file to 2, then scan. split the detected part into 2 again ..and keep doing it, until you manage to isolate the signature and then remove it using hex editor.
ive tried it, but never worked, i dont think its that easy.

Re: [Could someone tell me] The best program for Cloaking/Bi

PostPosted: Thu Jan 06, 2011 7:15 pm
by ronokae
Much appreciated just got a better understanding of a few things.
The isolation method sounds like a good idea that would work but it sounds like you're right, it probably is slightly more complicated than just splitting the file repeatedly.
suppose i Have to look for more ways. i'll do some research after i learn wtf a hex editor is lol.
boy i gots lots to learn... least i know a little bit as far as stuff like this goes.

Well, now I'm off to find more new information, thanks Sethioz

Re: [Could someone tell me] The best program for Cloaking/Bi

PostPosted: Thu Jan 06, 2011 8:54 pm
by Sethioz
i have some good articles on knowledge database, i suggest you read them.

Re: [Could someone tell me] The best program for Cloaking/Bi

PostPosted: Fri Jan 07, 2011 2:13 am
by ronokae
I've been to the knowledge base and i've been meaning to ask you, how do i go about looking for info in it, it takes me to the main page after that I like lose sight of what i should do.

Re: [Could someone tell me] The best program for Cloaking/Bi

PostPosted: Fri Jan 07, 2011 9:12 am
by Sethioz
offtopic, but i cant belive you have never used wikipedia. you simply search for what you looking for.