S3cur3Th1sSh1t / WinPwn

Automation for internal Windows Penetrationtest / AD-Security
BSD 3-Clause "New" or "Revised" License

WinCreds Detected! #18

Closed sp00ks-git closed 3 years ago

sp00ks-git commented 3 years ago

Hi,

Any chance you can make a writeup on how you repackaged lazagne into a binary?

It's being caught, as expected, by Defender every time I'm using it.

Be great to understand how you did it! (If you could re-package it one more time, that would also be beneficial ;-)

S3cur3Th1sSh1t commented 3 years ago

Hi,

A writeup for this small string replacement would be too much ;-)

That’s basically it, just replace LaZagne in the code with something else and compile afterwards:

https://gist.github.com/S3cur3Th1sSh1t/bd30fe0576072db418a57b1b81fe15b0

But this version is already detected by other vendors so you would need more replaced words. Obfuscating pypykatz before compilation should also help, some vendors detect that.

Greetings

sp00ks-git commented 3 years ago

Fair enough, thanks for the info.