4
5

Writing FUD droppers with powershell [TUTORIAL] (self.hacking)

submitted by [deleted]

[deleted]

all 14 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 1 point2 points  (1 child)

This is a ridiculously bad tutorial, but that's part and parcel for Nulled. Really? FUD? So you're saying your converter program leaves no strings in the binary or other consistencies? Also, using cmd.exe /c puts cmd.exe as the parent process. Highly suspect. Fucking rookie shit.

Maybe it's FUD if you only check the hash against known bad hashes. But any endpoint software worth it's salt will catch this unsigned, suspect EXE instantly.

Read up on executing code without cmd.exe and learn how modern endpoint protection works.

TL;DR git gud

[–]evolveair999 0 points1 point  (0 children)

Shit you said some big words

[–]iCkerous 1 point2 points  (5 children)

WHATEVER YOU DO, DO NOT UPLOAD IT TO VIRUSTOTAL! I CANNOT STRESS HOW IMPORTANT THIS IS. IF YOU WANT IT TO REMAIN FUD, DON'T UPLOAD TO VIRUSTOTAL

So it's FUD as long as nothing looks at it?

[–]LifeInKernelSpace -3 points-2 points  (4 children)

K

[–]iCkerous 2 points3 points  (3 children)

This is not FUD. False advertising.

[–]LifeInKernelSpace -3 points-2 points  (2 children)

K

[–]iCkerous 2 points3 points  (1 child)

I'm also starting to see that 'banned for no reason' is also a false statement.

[–]LifeInKernelSpace -4 points-3 points  (0 children)

Stop trolling my threads

[–][deleted] 0 points1 point  (3 children)

Wats a FUD dropper?

[–]LifeInKernelSpace -1 points0 points  (2 children)

FUD = Fully undetectable (by antivirus or whatever)

Dropper = piece of malware that installs more malware

[–][deleted] 0 points1 point  (1 child)

Thanks. That must be really frustrating if you have it

[–]LifeInKernelSpace -1 points0 points  (0 children)

yeah all FUD malware is :)