This is just a quick thing I made just now. It uses the same technique as pyherion to encrypt itself.
The idea is very simple: the script contains both exes base64'd, then it writes them out to a system variable, e.g. TEMP.
Then it runs both at the same time using os.startfile(), which is the Windows-only equivalent of os.fork().
The original process will die and the two exes will run.
Note: This will not defend your exes from AV. If your exe is detected by AV then it will still be, as soon as the person runs the file and the original exe is written to disk. Use something like cryptdoor to make sure you are 100% safe.
EDIT: forgot the link lmao:
https://github.com/d4rkcat/cryptbinder
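Added example (not part of the original post or the cryptbinder code): a defender-side correlation for the behaviour described above, where one process writes two executables into TEMP and both are then launched. The Sysmon-style event layout, field names, PIDs and paths are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events (Sysmon-style: id 11 = FileCreate, id 1 = ProcessCreate).
# Field names, PIDs and paths are assumptions made for this illustration.
T = r"C:\Users\bob\AppData\Local\Temp"
EVENTS = [
    {"id": 11, "pid": 4120, "image": r"C:\Users\bob\Downloads\setup.exe", "target": T + r"\a.exe"},
    {"id": 11, "pid": 4120, "image": r"C:\Users\bob\Downloads\setup.exe", "target": T + r"\b.exe"},
    {"id": 1, "pid": 5001, "image": T + r"\a.exe"},
    {"id": 1, "pid": 5002, "image": T + r"\b.exe"},
    # Benign-looking updater: drops and runs a single executable.
    {"id": 11, "pid": 700, "image": r"C:\Program Files\Upd\upd.exe", "target": T + r"\patch.exe"},
    {"id": 1, "pid": 710, "image": T + r"\patch.exe"},
]


def is_temp_exe(path):
    """True for .exe files under a per-user Temp directory (assumed default TEMP location)."""
    p = path.lower()
    return p.endswith(".exe") and "\\appdata\\local\\temp\\" in p


def find_drop_and_run(events, min_payloads=2):
    """Return {(writer_pid, writer_image): [executed temp exes]} for processes that
    wrote at least `min_payloads` executables to TEMP which were later executed.
    Events are assumed to be in chronological order."""
    writer = {}                 # temp exe path -> (pid, image) of the process that wrote it
    hits = defaultdict(set)     # writer -> temp exes that were subsequently run
    for ev in events:
        if ev["id"] == 11 and is_temp_exe(ev["target"]):
            writer[ev["target"].lower()] = (ev["pid"], ev["image"])
        elif ev["id"] == 1:
            key = ev["image"].lower()
            if key in writer:
                hits[writer.pop(key)].add(key)
    return {w: sorted(paths) for w, paths in hits.items() if len(paths) >= min_payloads}


if __name__ == "__main__":
    for (pid, image), payloads in find_drop_and_run(EVENTS).items():
        print(f"pid {pid} ({image}) dropped and ran: {payloads}")
```

The threshold of two matches the two-payload behaviour in the post; lowering it to one also flags ordinary installers and updaters, so it needs allow-listing in practice.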