Obsecure XeX Image in IDA - Tutorial/Demo

arms04

Hello,
Since no assholes online are willing to explain this, I thought I would. I’ll try to keep this simple.
1st)
In your source, replace the xml file & DllMain function with the ones provided in the folder, which are xml sample.txt & DllMain.txt.

2nd)
Go to Properties->Linker->Advanced & in the EntryPoint field put DllMain. See “DllMain Properties Example.PNG” for an example.

3rd)
Make a file & call it fuckoff.xzp, then put it inside your project folder. Rebuild the Xex image.

4th)
Copy the xex image over to the obsecure folder, then click on silentguy.exe. Follow the command prompts. For the base address, use the one found in the xml file. See baseAddress.PNG & silentguysample.png for examples.

5th)
All done!

Please understand that this is by no means 100 percent effective. In fact, anyone that has decent knowledge can de-obfuscate it.

Files-

VirusTotal-


thanks,

-arms04

special thanks to Dev for some help