Malware

SharpIncrease – Mastering Malware Obfuscation To Bypass Security Detection

Adversaries may use binary padding to add junk data and change the on-disk representation of malware.

This can be done without affecting the functionality or behavior of a binary, but can increase the size of the binary beyond what some security tools are capable of handling due to file size limitations.

Binary padding effectively changes the checksum of the file and can also be used to avoid hash-based blocklists and static anti-virus signatures.

The padding used is commonly generated by a function to create junk data and then appended to the end or applied to sections of malware.

Increasing the file size may decrease the effectiveness of certain tools and detection capabilities that are not designed or configured to scan large files.

This may also reduce the likelihood of being collected for analysis. Public file scanning services, such as VirusTotal, limits the maximum size of an uploaded file to be analyzed

SharpIncrease

SharpIncrease can bypass many security measures and can be used with various file extensions.

You can even increase the size of Windows Form Applications with null bytes.


  ____  _                     ___
 / ___|| |__   __ _ _ __ _ __|_ _|_ __   ___ _ __ ___  __ _ ___  ___
 \___ \| '_ \ / _` | '__| '_ \| || '_ \ / __| '__/ _ \/ _` / __|/ _ \
  ___) | | | | (_| | |  | |_) | || | | | (__| | |  __/ (_| \__ \  __/
 |____/|_| |_|\__,_|_|  | .__/___|_| |_|\___|_|  \___|\__,_|___/\___|
                        |_|

            Mert Daş     @merterpreter


Usage: SharpIncrease.exe -D inputfile -S MB -O outputfile

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Tamil S
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtoolsSharpIncrease
2 days ago

Recent Posts

Betterscan – Comprehensive Security Orchestration For Code And Infrastructure

Scan your source code and infra IaC against top security risks Betterscan is a orchestration toolchain that…

22 mins ago

SQLRecon – Comprehensive Guide To SQL Server Exploitation And Defense

SQLRecon is a Microsoft SQL Server toolkit that is designed for offensive reconnaissance and post-exploitation.…

30 mins ago

OnMouseMove-HtmlFile-PoC : Unpacking The HTML File Exploit In Russian APT Cyberattacks

PoC for onMouseMove HTML file used in the Russian APT Group campaign targeting Ukraine The…

37 mins ago

AWS CDK – Cloud Development Kit

AWS CDK uses the familiarity and expressive power of programming languages for modeling your applications. It…

46 mins ago

K3S – Lightweight Kubernetes

The docker container runtime must be used to complete some of the included scenarios. K3s…

46 mins ago

Microsoft Azure – Cloud Computing Services

Azure Kubernetes Services (AKS) is Microsoft's managed kubernetes offering running on Azure. Explore the robust capabilities…

23 hours ago