Malware payloads: using encryption to bypass all anti-virus solutions

“Some people asked me about how you can bypass all AV anti-viruses? My answer is: very simple.”

A really interesting article by security researcher Damon Mohammadbagher about the techniques malware authors use to bypass antivirus software.

In this post, Damon proposes a four-step tutorial that explains how to encrypt a malware payload in order to bypass antivirus checks, with a bit of C# source code:

Some people asked me about how you can bypass all AV anti-viruses?

My answer is: very simple. But this is a secret technique, and most pentesters or hackers never share it with other people. They have their reasons for that, like me, and I can tell you the main reason is that their methods and code, after being shared, will be detected by anti-virus companies very soon. But I want to share one method with you all, using C# programming and an encryption method.

And after these four steps, the result is:

Take a look at the whole article on LinkedIn Pulse:

https://www.linkedin.com/pulse/bypass-all-anti-viruses-encrypted-payloads-c-damon-mohammadbagher
