Kali Linux

APCLdr : Payload Loader With Evasion Features

APCLdr is a Payload Loader With Evasion Features.

Features:

  • no crt functions imported
  • indirect syscalls using HellHall
  • api hashing using CRC32 hashing algorithm
  • payload encryption using rc4 – payload is saved in .rsrc
  • Payload injection using APC calls – alertable thread
  • Payload execution using APC – alertable thread
  • Execution delation using MsgWaitForMultipleObjects – edit this
  • the total size is 8kb + the payload size
  • compatible with LLVM (clang-cl) Option

Usage:

  • Use Builder to update the PayloadFile.pf file, that’ll be the encrypted payload to be saved in the .rsrc section of the loader
  • Compile as x64 Release

Debugging:

  • Change Linker>SubSystem from /SUBSYSTEM:WINDOWS to /SUBSYSTEM:CONSOLE
  • Set the loader in debug mode (uncomment this)
  • build as release as well

Thanks For:

Tested with cobalt strike && Havoc on windows 10

Please consider following and supporting us to stay updated with the latest information.

R K

Recent Posts

cp Command: Copy Files and Directories in Linux

The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…

6 days ago

Image OSINT

Introduction In digital investigations, images often hold more information than meets the eye. With the…

6 days ago

cat Command: Read and Combine File Contents in Linux

The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…

6 days ago

Port In Networking

What is a Port? A port in networking acts like a gateway that directs data…

6 days ago

ls Command: List Directory Contents in Linux

The ls command is fundamental for anyone working with Linux. It’s used to display the files and…

6 days ago

pwd Command: Find Your Location in Linux

The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…

6 days ago