Projects STRLCPY APCLdr Commits 94922933
🤬
  • ■ ■ ■ ■ ■ ■
    README.md
    1  -# APCLdr
    2  -Payload Loader For Evasion
     1 + 
     2 +<h2 align="center">
     3 +APCLdr: Payload Loader With Evasion Features
     4 +</h2>
     5 + 
     6 + 
     7 + 
     8 +### Features:
     9 +- no crt functions imported
     10 +- indirect syscalls using [HellHall](https://github.com/Maldev-Academy/HellHall)
     11 +- api hashing using [CRC32](https://github.com/NUL0x4C/APCLdr/blob/main/APCLdr/Win32.c#L111) hashing algorithm
     12 +- payload encryption using rc4 - payload is saved in .rsrc
     13 +- Payload injection using APC calls - alertable thread
     14 +- Payload execution using APC - alertable thread
     15 +- Execution delation using [MsgWaitForMultipleObjects](https://github.com/NUL0x4C/APCLdr/blob/main/APCLdr/APCLdr.c#L66) - edit [this](https://github.com/NUL0x4C/APCLdr/blob/main/APCLdr/Common.h#L6)
     16 + 
     17 +<br>
     18 + 
     19 +### Usage:
     20 +Use [Builder](https://github.com/NUL0x4C/APCLdr/tree/main/Builder) to update the [PayloadFile.pf](https://github.com/NUL0x4C/APCLdr/blob/main/APCLdr/PayloadFile.pf) file, that'll be the encrypted payload to be saved in the .rsrc section of the loader
     21 + 
     22 + 
     23 +<br>
     24 + 
     25 +### Thanks For:
     26 +- https://www.x86matthew.com/view_post?id=writeprocessmemory_apc
     27 +- https://github.com/vxunderground/VX-API
     28 + 
     29 +<br>
     30 + 
     31 + 
     32 +<h4 align="center">
     33 +Tested with cobalt strike && Havoc on windows 10
     34 +</h4>
     35 + 
     36 + 
    3 37   
Please wait...
Page is in error, reload to recover