Finding virus definition is important so that we can change found virus definition and prevent antivirus from detecting our virus. The article below shows how to change virus offset to
bypass antivirus detection and make our trojan undetectable from antiviruses.
Make Trojan undetectable:
To change virus definition we need to have a hex editor. Hex Workshop is one of the best hex editors, I found.
1. Free Download Hex Editor to make trojan undetectable.
2. The downloaded file is zipped and password protected. Click here to get the password.
3. Now, install Hex Editor on your computer.
4. Right click on 7107.exe (obtained from Hexing Part II) and select 'Edit with Hex Workshop'.
5. You will see something like this:
Click on image to see enlarged view
6. Repeat this for 7108.exe.
7. Now, compare both files. You will see at the end 7108.exe will have offset "00" and 7107.exe does not have. So, we conclude that "00" is recognized as virus by antivirus. Note that offset. Here, offset is 0x00001BC3.
Click on image to see enlarged view
8. Now, open original IceGoldFreezer.exe in Hex Workshop and move to offset 0x00001BC3. Simply select the Dos Prompt of Hex Workshop corresponding to virus signature found in Step 6. and hit on space bar.
Click on image to see enlarged view
9. Save the file as IceGoldFreezer.exe and again run antivirus scan. Avira will not detect any virus. Also, run, IceGoldFreezer.exe on computer. It will run normally to indicate that we have made it undetectable from Avira antivirus....cheers. We have FUD freezer.
Update: Many readers had problems implementing this Hexing technique and hence I have written an article to solve those queries. If you have any problem, refer my article Hexing Queries Solved for more information.
Now, you can
make any trojan undetectable from antivirus
using this trojan undetection technique. If you have any problem while using this method to make trojan undetectable from antiviruses, please mention it in comments.
Enjoy Hexing to make trojan undetectable from antiviruses...
Filed Under: CRYPTOGRAPHY , UNDETECTION TECHNIQUES
If you enjoyed this post and wish to be informed whenever a new post is published, then make sure you subscribe to my regular Email Updates.
Subscribe Now!
Do you need to know what your child is doing on the computer? Do you want to know what your loved ones or spouse or kids are doing on the computer? Do you need to monitor what your employees are doing during work hours? Are they working or playing?
Winspy Keylogger
is intended to help you in these kind of situations. It can show you exactly what is being done on the computer at any time.
Click Here To Download Winspy Keylogger
