Malware

SharpIncrease – Mastering Malware Obfuscation To Bypass Security Detection

Adversaries may use binary padding to add junk data and change the on-disk representation of malware.

This can be done without affecting the functionality or behavior of a binary, but can increase the size of the binary beyond what some security tools are capable of handling due to file size limitations.

Binary padding effectively changes the checksum of the file and can also be used to avoid hash-based blocklists and static anti-virus signatures.

The padding used is commonly generated by a function to create junk data and then appended to the end or applied to sections of malware.

Increasing the file size may decrease the effectiveness of certain tools and detection capabilities that are not designed or configured to scan large files.

This may also reduce the likelihood of being collected for analysis. Public file scanning services, such as VirusTotal, limits the maximum size of an uploaded file to be analyzed

SharpIncrease

SharpIncrease can bypass many security measures and can be used with various file extensions.

You can even increase the size of Windows Form Applications with null bytes.


  ____  _                     ___
 / ___|| |__   __ _ _ __ _ __|_ _|_ __   ___ _ __ ___  __ _ ___  ___
 \___ \| '_ \ / _` | '__| '_ \| || '_ \ / __| '__/ _ \/ _` / __|/ _ \
  ___) | | | | (_| | |  | |_) | || | | | (__| | |  __/ (_| \__ \  __/
 |____/|_| |_|\__,_|_|  | .__/___|_| |_|\___|_|  \___|\__,_|___/\___|
                        |_|

            Mert Daş     @merterpreter


Usage: SharpIncrease.exe -D inputfile -S MB -O outputfile

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtoolsSharpIncrease
10 months ago

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

3 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

3 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

3 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

3 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

3 weeks ago