Reverse Python2.7 Rootkit WebShell.
It gives the remote control of a single target to the user. Encrypting the traffic using AES-256. The rootkit function hide the malware from the Task Manager window via DLL Injection.
It also is weaponized with ‘wget’ module to download and execute addictional files on the target.
(*) Addicitonal modules such as persistence or customized functions can be requested.
Our crypters have a limited number of copies to avoid the loss of the fud factor.
Available copies : 2/3
This is a common crypter for .NET assembly files, the technique used is runtime encrypted execution.
The FUD factor is not valued since nodistribute is not working anymore. Anyway this crypter has never been used.But i don’t guarantee for 0/64 fud factor.
Then it uses a custom Optional Header python module that doesn’t allow the decompile from .NET Reactor and other debuggers. It comes with the following addictional features:
- Assembly Changer
- Bindary Data Compressor
- Addictional stub copy
- Encrypted binary stream
- Spoofer (PIF, RTLO)
- Icon Changer
Never been used, thought to be a private version.
Written in VB.net .
Source code available as addon (+ 0,0013 ₿ to the actual price).