Tuesday, June 1, 2010

Quick list on how to bypass antivirus

1. Encryptors/Compressors:

Most of us would think this should be the easiest way to UD (undetect) a Trojan; unfortunately, it is not. The problem is that most people reuse the same Trojans and packers so often that anti-virus software already knows practically all of their signatures. They use UPX, PECompress, ASPack, Morphine, etc., and none of these work because all of their signatures have been flagged. The best way to make this option work is to find lesser-known packers, unless you want to buy a private packer.
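The detection side of this point, as an added example that is not part of the original post: anti-virus and triage tools do not rely only on packer signatures; a common second heuristic is byte entropy, because compressed or encrypted sections look close to random. The script below measures Shannon entropy per 1 KiB chunk and flags a buffer when most chunks exceed 7 bits per byte. Both inputs are constructed here (a repetitive plain-text body versus a deterministic pseudo-random body), not real binaries, and the chunk size, threshold and ratio are assumptions chosen for the demonstration.

```python
import hashlib
import math
from collections import Counter

CHUNK_SIZE = 1024      # assumed chunk size for the per-region measurement
HOT_THRESHOLD = 7.0    # assumed bits-per-byte cutoff; plain code and text sit well below it
MIN_HOT_RATIO = 0.5    # assumed fraction of hot chunks needed to call a file "likely packed"


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def chunk_entropies(data: bytes, chunk_size: int = CHUNK_SIZE):
    """Entropy of each consecutive chunk; the last chunk may be shorter."""
    return [shannon_entropy(data[i:i + chunk_size]) for i in range(0, len(data), chunk_size)]


def high_entropy_ratio(data: bytes, threshold: float = HOT_THRESHOLD) -> float:
    """Fraction of chunks whose entropy exceeds the threshold."""
    ents = chunk_entropies(data)
    if not ents:
        return 0.0
    return sum(1 for e in ents if e > threshold) / len(ents)


def looks_packed(data: bytes, min_ratio: float = MIN_HOT_RATIO) -> bool:
    """Heuristic verdict: most of the file is near-random, as packed or encrypted payloads are."""
    return high_entropy_ratio(data) >= min_ratio


def pseudo_random_bytes(n: int, seed: bytes = b"constructed-sample") -> bytes:
    """Deterministic high-entropy filler (SHA-256 in counter mode) so the demo reproduces offline."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "little")).digest()
        counter += 1
    return bytes(out[:n])


# Constructed stand-ins for a plain and a packed executable (not real PE files):
# a 64-byte header-like prefix followed by either repetitive text or near-random bytes.
HEADER = b"MZ" + b"\x00" * 62
PLAIN_SAMPLE = HEADER + b"This program cannot be run in DOS mode.\r\n" * 60
PACKED_SAMPLE = HEADER + pseudo_random_bytes(4032)


if __name__ == "__main__":
    for name, sample in (("plain", PLAIN_SAMPLE), ("packed", PACKED_SAMPLE)):
        print(f"{name}: hot-chunk ratio {high_entropy_ratio(sample):.2f}, "
              f"looks_packed={looks_packed(sample)}")
```

High entropy is a triage signal, not a verdict: installers, embedded media resources and legitimately compressed, signed executables also score high, so in practice this heuristic is combined with other indicators (unusual section names, a tiny import table, an entry point outside the code section) before a file is flagged.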

2. Byte Adders:

This technique adds junk bytes to your Trojan to confuse anti-virus software. As the bytes are added, the code inside the executable shifts, so the signature is no longer at the offset where the anti-virus expects it. This can make your server FUD (fully undetectable), but sometimes it corrupts the server.

3. Source:

This is the very easy way to make your server FUD. If you have the source for a crypter, just modify it and keep it private for your own use. This will keep your tools FUD for a long time. As an example, my binder has been FUD for 2 months, and it is private.

4. Manually packing your server:

This is the hard way, but very effective. You will need OllyDbg to do this. I'm not familiar with this method; you need to find the info yourself.

5. Find the signature that has been flagged by the AV:

Most AVs flag a specific offset in the application. You can find it manually by splitting the file with d-split. When you have found the signature, edit it with a hex editor.
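Items 2 and 5 both rest on one observation: a signature tied to a fixed file offset breaks as soon as bytes are inserted or a flagged byte is edited. The detection-side answer, shown here as an added example that is not part of the original post, is to anchor the signature on content rather than position and to tolerate variable bytes with wildcards, the way YARA-style rules do. The minimal scanner below compiles a hex pattern such as `4D 41 52 4B ?? ?? 45 4E 44` (the `??` wildcard syntax and the sample buffers are constructed for this demonstration) into a bytes regex, finds it at any offset, and contrasts that with a naive offset-anchored check.

```python
import re
from typing import List


def hex_pattern_to_regex(pattern: str):
    """Compile 'DE AD ?? EF' into a bytes regex; each '??' token matches any single byte."""
    parts = []
    for tok in pattern.split():
        if tok == "??":
            parts.append(b".")
        elif re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
            parts.append(re.escape(bytes([int(tok, 16)])))
        else:
            raise ValueError(f"bad pattern token: {tok!r}")
    # DOTALL so the wildcard also covers 0x0A, which '.' would otherwise skip.
    return re.compile(b"".join(parts), re.DOTALL)


def find_pattern(data: bytes, pattern: str) -> List[int]:
    """Offsets of every (non-overlapping) match anywhere in the buffer."""
    return [m.start() for m in hex_pattern_to_regex(pattern).finditer(data)]


def matches_at_fixed_offset(data: bytes, pattern: str, offset: int) -> bool:
    """What a naive, offset-anchored signature does: it only looks at one position."""
    return hex_pattern_to_regex(pattern).match(data, offset) is not None


# Constructed samples (not real code): a marker sequence "MARK" <2 variable bytes> "END"
# surrounded by filler. SHIFTED has 7 junk bytes prepended, as a byte adder would;
# VARIANT changes only the two bytes covered by the wildcards.
SIGNATURE = "4D 41 52 4B ?? ?? 45 4E 44"
ORIGINAL = b"\x90" * 16 + b"MARK\x01\x02END" + b"\x90" * 16
SHIFTED = b"\xCC" * 7 + ORIGINAL
VARIANT = b"\x90" * 16 + b"MARK\xFF\x00END" + b"\x90" * 16


if __name__ == "__main__":
    for name, buf in (("original", ORIGINAL), ("shifted", SHIFTED), ("variant", VARIANT)):
        print(f"{name:8s} content-anchored hits at {find_pattern(buf, SIGNATURE)}, "
              f"fixed-offset-16 match: {matches_at_fixed_offset(buf, SIGNATURE, 16)}")
```

The fixed-offset check fires on the original buffer and fails on the shifted one, while the content-anchored scan finds the sequence in all three. Production engines go further (normalized or emulated code, per-function hashes), but the principle a detection engineer applies is the same: key on what the code does, not on where it happens to sit in the file.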

You can apply these tips, but I suggest you do some research on the net to get a better understanding.
