Over the past while, I've developed several builds of a malware obfuscator, using different forms of evasion to craft an executable that grants your payload safe delivery and execution into the target machine, developed in C++ too. There's currently an exe file as well

25,854 views • 1 year ago • via X (Twitter)

10 Comments

cocofelon • 1 year ago

The exe file generates a whole new code with the link to your payload embedded into it, and plans for generation afterwards. There are a few dependencies, the payload has to be encrypted with the use of my Python-generated encryptor, uses AES encryption and with a few techniques

cocofelon • 1 year ago

it makes sure that you don't have to hardcode the decryption keys and logic, while this is only but a step into the world of malware dev. I am very open to corrections of different sorts, the work doesn't stop here, I'll attach the link to some of my source codes for those that

cocofelon • 1 year ago

want a sneak peek or who wants to play around with it, Thank you @RedHatPentester @elormkdaniel @Dghost_Ninja @cyb3rn3t1cs @CyberSecFalcon @commando_skiipz

cocofelon • 1 year ago

One part of the project I'll be updating as time goes on

Good Man • 1 year ago

Good job bro. You guys who know computer languages are really doing well 👍🏾

🖤 • 1 year ago

Baddd guyyyyyyyy

iPsalmy👻🥷🏽 • 1 year ago

Great work man 🔥 The link to the source code is not working on my side, though.

cocofelon • 1 year ago

I’ll check it out now

U.D… *Astrograph 🧙 *** • 1 year ago

Have you tested this with an AV and seen if it bypasses?

cocofelon • 1 year ago

Yes, I have tested it with McAfee antivirus, although I’m furthering into other methods

Related Videos

How do you create your payloads in 2025? At MSec Operations we prefer to use DLL sideloading for EDR evasion. This technique allows our malicious code to run within a signed, legitimate executable. Combining this technique with other useful techniques will provide stable execution to fly under the radar. 🛸

The following video demonstrates the use of #RustPack to create such a payload in just a few seconds. The command line usage shows that our input payload is a simple unmodified Apollo C2 executable. We want to clone all the exported functions from the original Windows wininet.dll to create our own library with the same name.

The execution of the payload will be delayed by ~5 seconds in this case, without using the Win32 sleep function, but by performing random calculations. ⏲️

Hardware breakpoints are used to bypass the Antimalware Scan Interface (AMSI). Without an AMSI bypass, Apollo would be flagged as a C# assembly when loaded. 🎓

Our payload will only fire on a domain joined system, this basically prevents it from running in e.g. sandbox environments. 🤠

Last but not least, in this example, the encrypted payload itself is stored in a separate file on the target system and not even in the same folder as our malicious DLL. Anyone analysing just the DLL will never be able to find out what the payload is. Automatic sample submissions for cloud analysis usually only upload the executable or DLL, emulators won't see the real payload either. 🤠

Tired of creating such payloads yourself? With #RustPack it's really easy, and payloads always look completely different, even if the same payload is packed twice to avoid signature-based detection. Contact us via info[at] for more information! 👍

MSec Operations

26,003 views • 1 year ago

‼️ A malware binder tool branded "Universal File Binder 2026" is being sold on a popular cybercrime forum, advertised as fully undetectable and designed to disguise executable payloads as common file types including documents, images, and videos.

‣ Threat Actor: Davina Keenan
‣ Category: Malware Tool Sale / Payload Binder
‣ Product: Universal File Binder 2026
‣ Industry Impact: Phishing, Social Engineering, Initial Access

The tool is marketed as a payload binder, a category of malware used to attach executable code to a legitimate looking file so that opening the file triggers both the decoy document and the hidden payload. A video demo is attached to the listing and this post.

Advertised features:

▪️ Claimed "100% FUD" (Fully Undetectable) against major antivirus engines including Windows Defender, Avast, and Kaspersky, at both scantime and runtime
▪️ Bind payloads to .jpg, .png, .pdf, .docx, .pptx, .mp4, and .mp3 files
▪️ Icon and extension spoofing, including double extension tricks
▪️ Lightweight stub with small footprint
▪️ Stated compatibility with Windows 10 and Windows 11

Pricing:

▪️ Single build: $100
▪️ Lifetime access with updates: $1,000

Binders of this type are a common component of commodity phishing kits, used primarily to deliver RATs, stealers, and ransomware via email attachments or messaging platforms. "FUD" claims on public forums are typically short lived and degrade within days or weeks of release as antivirus vendors collect samples.

Dark Web Informer

25,017 views • 2 months ago