RHZ

Manual Virus FUD with HEX editor

  
Requirements

1. Malware/RAT/trojan
2. Hex editor
3. File Splitter v5.0 or better


Step: 1 Scan the malware/RAT/trojan with your anti-virus software and check whether the file is detected by it.
Now I scan the Torjan.exe file in VirusTotal. You can see this file is detected by the antiviruses.

My detection result shows 40/47.
Step: 2 Download File Splitter v5.0.
After downloading, launch the splitter and split the trojan into 200 bytes per file.




Step: 3 Now scan the split files in your AV and note down which files are infected; those will be the ones you edit. I have checked in VirusTotal.





Step: 4
Now open the infected file in the hex editor; the virus signature is here. Now it's easy. My method is not hard, but it takes too much time! All you have to do is change a letter from capital to lower case. I have shown you in the image: I have changed the capital letter "P" into a small "p". Just change all the capital letters into small ones!





Step: 5
After the change, scan torjan.exe.107.chunk in your AV. I have scanned it in VirusTotal!




My FUD is successfully done!


Step: 6
After that, rejoin the trojan with the file joiner and check that it works; if it does not work properly, check your file joiner!
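
A defender's view of the capital-to-lowercase edit in Step 4, as an added example that is not part of the original post: an exact byte signature misses the edited bytes, while matching after ASCII case folding still finds them and reports which offsets were changed. The signature, the buffers and the function names are constructed for illustration.

```python
# Added defensive example. All bytes below are constructed; no real sample
# or vendor signature is used.
from dataclasses import dataclass, field

# Hypothetical signature: an ASCII marker followed by non-text bytes.
SIGNATURE = b"PAYLOAD-MARKER\x00\x90\x01"
ORIGINAL = b"MZ" + b"\x00" * 8 + SIGNATURE + b"\xff\xfe tail"
# The same buffer after the edit the page describes: capital "P" changed to "p".
MODIFIED = ORIGINAL.replace(b"P", b"p")
CLEAN = b"MZ" + b"\x00" * 8 + b"ordinary program text\x00\x90\x01"


@dataclass
class Verdict:
    exact: bool        # byte-for-byte signature hit
    folded: bool       # hit after ASCII case folding
    offset: int = -1   # start of the folded hit, -1 if none
    flipped: list = field(default_factory=list)  # offsets whose case differs

    @property
    def case_tampered(self) -> bool:
        # Folded hit without an exact hit: only letter case separates the
        # buffer from the signature.
        return self.folded and not self.exact


def scan(data: bytes, signature: bytes = SIGNATURE) -> Verdict:
    exact = signature in data
    # bytes.lower() maps only 0x41-0x5A (ASCII A-Z); every other byte value
    # must still match exactly.
    offset = data.lower().find(signature.lower())
    if offset < 0:
        return Verdict(exact, False)
    window = data[offset:offset + len(signature)]
    flipped = [offset + i
               for i, (a, b) in enumerate(zip(window, signature)) if a != b]
    return Verdict(exact, True, offset, flipped)


if __name__ == "__main__":
    for name, buf in (("original", ORIGINAL), ("modified", MODIFIED),
                      ("clean", CLEAN)):
        v = scan(buf)
        print(f"{name:9} exact={v.exact} folded={v.folded} "
              f"tampered={v.case_tampered} offset={v.offset} "
              f"flipped={v.flipped}")
```

Case folding loosens the pattern, so a folded-only hit is best treated as a lead for further analysis rather than a final verdict.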
