02-02-2022, 06:33 PM
I spent about 1.5 months trying to make my RAT FUD using many techniques like heavy branching, reordering routines, reordering instructions, adding garbage instructions, encryption, etc., but I still can't get it to bypass Windows Defender.
Before I knew about any of these techniques it was undetectable by most AVs; it was getting 3/50 on VirusTotal, but over time it became easily detected.
Now I have an engine that generates all the C/C++ code of the RAT decryptor, which produces random versions of the client with random signatures, but I still can't pass the behavioral analysis.
Sometimes it doesn't even pass the heuristic scan (depends on the generated version).
I've read a lot of PDFs, but all of the techniques described in them are kind of old-school and can easily get detected by an antivirus/antimalware, let alone a human analyst.
I don't want to recreate the client decrypter every time it gets detected.
Do you know any NEW resources where I can learn about NEW AV evasion and sandbox detection techniques?