Skip to content

behindblackwalls/lain_loader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
laincoder.cs
laincoder.cs
 
 
lainloader.cs
lainloader.cs
 
 

Repository files navigation

lain_loader

mcs -out:laincoder.exe laincoder.cs

Encrypt shellcode to a file. You're going to need to put the csharp shellcode in yourself.

mcs -out:lainloader.exe lainloader.cs

Use this to grab the file and decrypt/load it.

You'll also need to add the csharp shellcode to laincoder in the "new byte" section, as well as change the web server IP/filepath in the lainloader file.

To Do

  • Behavioral Analysis Evasion. Perhaps split the payload into multiple parts? Put in some benign operations... It only gets detected by EDR after running though. Hm...
  • Atom Bombing or Process Doppelganging, maybe direct memory manipulation.

About

C Sharp Scripts for Dynamic XOR encryption/Custom Base64 encoding of CSharp shellcode as well as a loader that dynamically decrypts and decodes the shellcode after retrieving it from a web server. Includes process hollowing techniques. Will evade sig based AV

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages