This REFUD technique works with all files: RAT, stub, worm, keylogger, bot, etc. Whether the file has dependencies or not makes no difference.
Advantages of this technique:
+ Supports all RATs (darkcomet, blackshades, cybergate, xtreme RAT, spynet, ProRat, etc.)
+ Supports all botnets
+ Supports all stealers
+ Supports all spreaders (worm, etc.)
+ Supports all crypters (dependencies or no dependencies)
+ Unique REFUD: different user, different byte modification (longer FUD)
+ May be used in different situations (see picture below)
Disadvantages of this technique:
- Hard technique (needs more patience)
- Always a trial-and-error method (more work to do repeatedly)
- More REFUD, lower success rate, more chance the server is corrupted (see picture above)
Main steps of REFUD using a hex editor
-) Spread the file offset
-) Scan and take the 1-detection file and the previous file (must be a clean detection)
-) Compare the 2 offset files
-) Change the byte to 1C
-) Scan after the change
-) If clean, change the byte in the original file server.exe at the same offset location
-) Test the file after the change (works or not)
P/S: Watch the video tutorial with full attention for the detailed process
I made a simple and faster way for you to practice
Tips to increase the success rate:
1) Do not scan with AVG or Avira; they always give you corruption
2) Only change 1 byte in the original file (server.exe)
3) Choose the offset file starting from no. 4.bin
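From the defender's side, an in-place one-byte change defeats exact-hash matching (MD5/SHA1) but leaves almost every block of the file identical, so position-wise block hashing still links the variants. The sketch below is an added example, not part of the original post; the function names, block size, threshold, patch offset and the synthetic sample bytes are all constructed assumptions.

```python
import hashlib

BLOCK = 4096  # assumed block size; smaller blocks localise a change more tightly

def block_digests(data, block=BLOCK):
    """SHA-256 of each fixed-size block, in file order."""
    return [hashlib.sha256(data[i:i + block]).digest()
            for i in range(0, len(data), block)]

def compare(a, b, block=BLOCK):
    """Return (fraction of blocks identical at the same position, offsets of differing blocks)."""
    da, db = block_digests(a, block), block_digests(b, block)
    total = max(len(da), len(db))
    changed = [i * block for i in range(total)
               if i >= len(da) or i >= len(db) or da[i] != db[i]]
    return (1.0 if total == 0 else (total - len(changed)) / total), changed

def cluster(samples, threshold=0.9):
    """Greedy grouping: a sample joins the first cluster whose seed it resembles."""
    clusters = []  # each entry is a list of names; the first name is the seed
    for name, data in samples.items():
        for group in clusters:
            if compare(samples[group[0]], data)[0] >= threshold:
                group.append(name)
                break
        else:
            clusters.append([name])
    return clusters

def synthetic(seed, size):
    """Constructed stand-in for a binary: deterministic pseudo-random bytes."""
    out = b"".join(hashlib.sha256(b"%d:%d" % (seed, i)).digest()
                   for i in range(size // 32 + 1))
    return out[:size]

SIZE = 1125376          # file size reported for both scans on this page
PATCH_OFFSET = 0x4D2A0  # constructed offset, not taken from the page
original = synthetic(1, SIZE)
patched = bytearray(original)
patched[PATCH_OFFSET] ^= 0xFF  # one byte changed in place, size unchanged
patched = bytes(patched)
unrelated = synthetic(2, SIZE)

if __name__ == "__main__":
    score, where = compare(original, patched)
    print("md5 equal:", hashlib.md5(original).digest() == hashlib.md5(patched).digest())
    print("block similarity: %.4f, changed blocks at %s" % (score, [hex(o) for o in where]))
    print(cluster({"original": original, "patched": patched, "unrelated": unrelated}))
```

Fixed-position blocks only suit same-size, in-place edits like the one described here; variants with inserted or removed bytes need a rolling or context-triggered hash instead.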
Test REFUD by Genius Crypter 1.2
SCAN RESULT:
Scan Occured:
Link to scan: metascan.org | Virus Scan Results for test.exe
File name: test.exe
File size: 1125376 bytes
MD5 Hash: c9c3360a392553b9de8c16c7935c1901
SHA1 Hash: aba3228493a92e4be9d17667e192e7812f158692
Detection rate: 10 out of 37
Status: INFECTED
Detections
AVG - Virus found Injector
Acavir - Clean
Avast 5 -Clean
Avast -Clean
Avira -TR/Dropper.MSIL.Gen
BitDefender -Gen:Variant.Kazy.62228
VirusBuster Internet Security -Clean
Clam Antivirus -Clean
COMODO Internet Security -Clean
DrWeb -Trojan.DownLoader5.59917
eTrust-Vet -Clean
F-PROT Antivirus -Clean
F-Secure Internet Security -Gen:Variant.Kazy.62228
G Data -Gen:Variant.Kazy.62228
IKARUS Security-Trojan-Dropper.Win32.Injector
Kaspersky Antivirus -Clean
McAfee -Clean
MS Security Essentials -Clean
ESET NOD32 -Trojan.MSIL/Kryptik.AP
Norman -Clean
Norton -Clean
Panda Security -Clean
A-Squared Security -Clean
Quick Heal Antivirus -Clean
Rising Antivirus -Clean
Solo Antivirus -Clean
Sophos -Clean
Trend Micro Internet Security -Clean
VBA32 Antivirus -Clean
Vexira Antivirus -Clean
Webroot Internet Security -Clean
Ad-Aware -Clean
Zoner AntiVirus -Clean
AhnLab V3 Internet Security -Clean
BullGuard -virus: Gen:Variant.Kazy.62228
Imunitet -Gen:Variant.Kazy.62228
Vipre -Clean
Scan Occured:
Link to scan: metascan.org | Virus Scan Results for test2.exe
File name: test2.exe
File size: 1125376 bytes
MD5 Hash: 8ef46d3059e63eaa97dfedfe09b19f87
SHA1 Hash: 864ea518c7c50e8a9f7a6f792429dee17014581b
Detection rate: 3 out of 37
Status: INFECTED
Detections
AVG - Clean
Acavir - Clean
Avast 5 -Clean
Avast -Clean
Avira -Clean
BitDefender -Clean
VirusBuster Internet Security -Clean
Clam Antivirus -Clean
COMODO Internet Security -Clean
DrWeb -Trojan.DownLoader5.60526
eTrust-Vet -Clean
F-PROT Antivirus -Clean
F-Secure Internet Security -Clean
G Data -Clean
IKARUS Security-Trojan-Dropper.Win32.Injector
Kaspersky Antivirus -Clean
McAfee -Clean
MS Security Essentials -Clean
ESET NOD32 -Clean
Norman -Clean
Norton -Clean
Panda Security -Clean
A-Squared Security -Trojan-Dropper.Win32.Injector!IK
Quick Heal Antivirus -Clean
Rising Antivirus -Clean
Solo Antivirus -Clean
Sophos -Clean
Trend Micro Internet Security -Clean
VBA32 Antivirus -Clean
Vexira Antivirus -Clean
Webroot Internet Security -Clean
Ad-Aware -Clean
Zoner AntiVirus -Clean
AhnLab V3 Internet Security -Clean
BullGuard -Clean
Imunitet -Clean
Vipre -Clean
P/S: After Build please make sure you test your server
Test Your Server On Your Own Computer -> Click Here
Without Lose After Victim Reboot PC -> Click Here
But sometimes Sandboxie restricts it. You may run it without Sandboxie, which is the best way (make sure you have a system restore tool such as Deep Freeze).
RE-FUD Technique -> Please GO Here (RE-FUD Section)
DOWNLOAD Hex Workshop 6.0.1.4603 + exidous av signature tool + Video Tutor