Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
New Ownership - Policies and Changes Going Forward
Thread Rating:
  • 0 Vote(s) - 0 Average


Lime Crypter v3.1 [Crypter / Binder] (Open Source) filter_list
Author
Message
Mr.z3ro Offline
Junior Member
Six Years of Service
Posts: 5
Threads: 4
Reputation: 0
Lime Crypter v3.1 [Crypter / Binder] (Open Source) 10-29-2018, 07:47 PM #1
An obfuscation tool for .Net + Native files. Applying some evasion techniques to bypass anti-virus software and install a persistence in the machine. Also, the output payload can be binded with a legit application while it bytes are being injected to legit process as well.
   Main Features:
                 •.NET - Coded in Visual Basic .NET, required framework 4.0 dependency.
                 •USG - Adding some junk methods and rename all variables
                 •Injection - Hide payload behind a legit process
                 •Anti Virtual Machines - Uninstall itself if the machine is virtual to avoid scanning or analyzing

[Image: iMcfDdr.png]
--------------------------------------------------------------------------------------------------------------------
[Image: 76CoInF.png]_[Image: 2usZzEJ.png]
--------------------------------------------------------------------------------------------------------------------
[Image: KF2k9w6.png]_[Image: XqfPJMF.png]
--------------------------------------------------------------------------------------------------------------------
Before crypt of a Orcus client file with 'Lime Crypter 3.1'.
[Image: mpxS440.png]
Proof: Link

After crypt of a Orcus client file with 'Lime Crypter 3.1'.
[Image: vbrCn0r.png]
Proof: Link

Virustotal:
    Virustotal - EXE --MD5: "ced45f6998154c48d72f053029ecbfc7"
    Virustotal - ZIP --MD5: "9778a191ab6550b5415c596d1f41d8e1"
Download:
     GitHub
(This post was last modified: 10-29-2018, 07:48 PM by Mr.z3ro.)

[+] 1 user Likes Mr.z3ro's post
Reply

mothered Offline
Nevermind how, I will login
 *******
Registered (Diamond)
Twelve Years of Service
Posts: 72,626
Threads: 307
Reputation: 493
GoldCookieTurkeyPower PosterReputableLegendaryStaffGolden StaffLovedHammer
RE: Lime Crypter v3.1 [Crypter / Binder] (Open Source) 10-30-2018, 04:22 AM #2
Even after crypting the file, the detections are quite high. Nonetheless, given It's open-source, It's worthy of analyzing.

I like the following features:
•Injection - Hide payload behind a legit process.
•Anti Virtual Machines.

Appreciate It.
[Image: AD83g1A.png]

[+] 2 users Like mothered's post
Reply

GamerulEDY Offline
Junior Member
Three Years of Service
Posts: 2
Threads: 0
Reputation: 0
RE: Lime Crypter v3.1 [Crypter / Binder] (Open Source) 03-10-2022, 06:00 PM #3
ty for sharing mate i realynedthisman

Reply

losebubble Offline
Junior Member
Two Years of Service
Posts: 14
Threads: 0
Reputation: 0
RE: Lime Crypter v3.1 [Crypter / Binder] (Open Source) 08-19-2022, 03:48 AM #4
(10-30-2018, 04:22 AM)mothered Wrote: Even after crypting the file, the detections are quite high. Nonetheless, given It's open-source, It's worthy of analyzing.

I like the following features:
•Injection - Hide payload behind a legit process.
•Anti Virtual Machines.

Appreciate It.
Very clearly for me.

Reply

JohnPhillips Offline
Junior Member
Two Years of Service
Posts: 2
Threads: 0
Reputation: 0
RE: Lime Crypter v3.1 [Crypter / Binder] (Open Source) 11-05-2022, 12:06 PM #5
Thanks for the source. Hopefully it won't be that hard to UD it again for windows defender.
The files are deleted from Github.
(This post was last modified: 11-05-2022, 12:09 PM by JohnPhillips.)

Reply







Users browsing this thread: 2 Guest(s)