Home Unlabelled Ghostdelivery - This Tool Creates A Obfuscated .Vbs Script To Download A Payload Hosted On A Server To %Temp% Directory, Execute Payload Too Make Persistence

Ghostdelivery - This Tool Creates A Obfuscated .Vbs Script To Download A Payload Hosted On A Server To %Temp% Directory, Execute Payload Too Make Persistence

By
Monday, September 09, 2019
Read
Add Comment

Python script to generate obfuscated .vbs script that delivers payload amongst persistence in addition to windows antivirus disabling functions.

Features:
Downloads payload to TEMP directory in addition to executes payload to bypass windows smart screen. Disables Defender, UAC/user trouble organisation human relationship control, Defender Notifications, injects/creates Command Prompt in addition to Microsoft Edge shortcuts amongst payload path (%TEMP%/payload.exe), adds a scheduled chore called "WindowsDefender" for payload to hold upward run at login in addition to obfuscates the vbs delivery script. This tool also has a serveo business office to deliver obfuscated vbs script.

Light version:
The low-cal version is less noisy in addition to exclusively delivers/executes payload, creates a scheduled chore named "WindowsDefender" to run payload at login for persistence in addition to injects/creates Command Prompt in addition to Microsoft Edge shortcuts amongst payload path.

Prerequisites/requirements:
*Python 2.7, Modules imported inwards script. (random, sys, string, os, time, base64)


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us