bytecode77 / living-off-the-land

Fileless attack with persistence
https://bytecode77.com/living-off-the-land
BSD 2-Clause "Simplified" License

Is it possible to explain more how to set our own executable? #1

Closed by randomUser7852 3 years ago

randomUser7852 commented 3 years ago

Hi,

I understood the payload project was the project executed, but is it possible to explain more how to set our own project?

Is there a way to just add our executable?

Are there any actions or characteristics that might reveal the executable?

BR and excellent work

bytecode77 commented 3 years ago

The example executable is a C++ project that is copied into the Resources\ directory on build. You could delete the project and just place your own executable in Resources.

However, I do recommend integrating the code into your Visual Studio project, so you have all build events, etc. set up correctly. It's very easy to do and you can tailor it to your project:

This is a PoC, not a builder for a fileless system. The gist of this project is to explain the code step-by-step, so that anyone can take the idea from it and make their own implementation based on the PoC. You can take most of the source code as is and integrate it into your project.