NO-ONE-H/Crypter-AntiVM

EXE Crypter with Anti-Debug

This Python project provides a simple EXE crypter that can encrypt an EXE file, embed anti-debug mechanisms, and generate a decryption script. The resulting Python script can then be converted into an executable file.

Features

  • EXE Encryption: Encrypts the provided EXE file using a random key and Base64 encoding.
  • Anti-Debug Detection: Detects virtual machine environments and popular malware analysis sandboxes. If detected, the script will exit without executing.
  • Python Script Generation: Generates a Python script (output.py) that will decrypt and execute the provided EXE.
  • EXE Conversion: The generated Python script can be optionally converted into a standalone EXE file.

How It Works

  1. Path to EXE: The user is prompted to enter the path to the EXE file that should be encrypted.
  2. Anti-Debug Option: The user is asked if anti-debug detection should be enabled. When enabled, the script checks if it's running inside a virtual machine or malware analysis sandbox.
  3. Encryption: The EXE file is encrypted with a random key, and the encrypted data is embedded into the generated Python script.
  4. Script Generation: The generated Python script (output.py) contains the encrypted EXE data and code to decrypt it during runtime.
  5. EXE Creation (Optional): The user can choose to convert the Python script into an EXE file using PyInstaller.

Usage

  1. Run the Script: Execute the Python script and follow the prompts.
  2. Provide the Path to the EXE File: You will be asked to enter the path to the EXE file you want to encrypt.
  3. Enable Anti-Debug: You will be asked if anti-debug detection should be enabled. If enabled, the script will check for indicators of virtual machines and sandbox environments.
  4. Python Script Output: The script will generate output.py, which contains the encrypted EXE file and logic for decryption and execution.
  5. Convert to EXE: Optionally, you can choose to convert the generated Python script into an EXE file.

Anti-Debug Mechanism

The anti-debugging feature looks for the following indicators to determine if it's running in a VM or analysis environment:

  • VM Indicators: VBOX, VIRTUALBOX, VMWARE, XEN, QEMU, HYPERVISOR, etc.
  • Analysis Environments: Common sandboxing services like VirusTotal, Cuckoo, Joe Sandbox, and others.
  • System Information: Checks systeminfo, the system's hostname, and username for any signs of a VM or analysis tool.
  • VirusTotal Access: Attempts to access virustotal.com. If it can access the site, it assumes the environment is a sandbox.

If any of these indicators are detected, the script will exit without executing the EXE.
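
For defenders, the traits listed above also work as a static triage signal: a Python loader that combines a long Base64 literal with VM marker strings, a systeminfo call and a virustotal.com reference. The sketch below is an added example, not code from this project; the function name, the 200-character blob threshold, the scoring weights and the sample inputs are all assumptions.

```python
import re

# Indicator strings the README lists for the VM check.
VM_STRINGS = ("VBOX", "VIRTUALBOX", "VMWARE", "XEN", "QEMU", "HYPERVISOR")
# Assumed threshold: a quoted Base64 run this long counts as an embedded payload.
MIN_B64_LEN = 200
B64_LITERAL = re.compile(r"""["']([A-Za-z0-9+/]{%d,}={0,2})["']""" % MIN_B64_LEN)


def triage(source: str) -> dict:
    """Report which README-described traits appear in a Python source string."""
    upper = source.upper()
    vm_hits = sorted(s for s in VM_STRINGS if s in upper)
    blobs = B64_LITERAL.findall(source)
    findings = {
        "embedded_base64": bool(blobs),
        "largest_blob_chars": max((len(b) for b in blobs), default=0),
        "vm_strings": vm_hits,
        "systeminfo_call": "SYSTEMINFO" in upper,
        "virustotal_probe": "VIRUSTOTAL.COM" in upper,
    }
    # Assumed weights: payload blob 2, three or more VM strings 1,
    # systeminfo 1, virustotal.com reference 1.
    score = (2 * findings["embedded_base64"] + (len(vm_hits) >= 3)
             + findings["systeminfo_call"] + findings["virustotal_probe"])
    findings["score"] = int(score)
    # A blob alone is common in benign code, so require corroborating traits.
    findings["suspicious"] = findings["embedded_base64"] and score >= 4
    return findings


# Constructed sample standing in for a generated loader; not real crypter output.
SAMPLE_LOADER = (
    'import subprocess, socket, getpass\n'
    'PAYLOAD = "' + "QUJD" * 80 + '"\n'
    'MARKERS = ["VBOX", "VMWARE", "QEMU", "XEN"]\n'
    'info = subprocess.check_output("systeminfo", shell=True)\n'
    'URL = "https://virustotal.com"\n'
)
# Constructed benign sample: uses base64 but carries none of the traits.
SAMPLE_BENIGN = 'import base64\nprint(base64.b64encode(b"hello").decode())\n'

if __name__ == "__main__":
    for name, src in (("loader", SAMPLE_LOADER), ("benign", SAMPLE_BENIGN)):
        print(name, triage(src))
```

This works on Python source only; a PyInstaller-built executable has to be unpacked before its strings can be checked this way. Short markers such as XEN can match unrelated words, so treat a hit as a prompt for manual review rather than a verdict.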

License

This project is licensed under the MIT License.