Skip to content

A builder πŸ”¨ for binding evil program 😈 and normal document 🐣

Notifications You must be signed in to change notification settings

foxhack/GoFileBinder

Β 
Β 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

6 Commits
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

GoFileBinder

A builder πŸ”¨ for binding evil program 😈 and normal document 🐣

image-20211130010534997

Usage

Clone this repo and build GoFileBinder.go first, then start:

./GoFileBinder <evil_program> <bind_file> [x64/x86]

When the Output File is executed on the target machine, it will release your evil program to C:\Users\Public\Music\, and then self-delete after run normal file and evil program.

image-20211130013907004

You can add an icon to it through rcedit or rsrc,note that some icons may be marked as malicious by the anti-virus due to past malicious behavior.

Feature

  • Reduce the risk of being detected by anti-virus and human
  • Encrypt evil program via 3DES with random key
  • Self delete after releasing the normal file and executing the evil program
  • Use local variable instead of string literal to pass procedure name (string([]byte{...})), to avoid static memory matching

Reference

About

A builder πŸ”¨ for binding evil program 😈 and normal document 🐣

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 100.0%