mvrozanti / RAT-via-Telegram

Windows Remote Administration Tool via Telegram
MIT License

Hide_folder should be deleted on /self_destruct #6

Closed LearnerZone closed 7 years ago

LearnerZone commented 7 years ago

After compiling the .exe and running it on a test system, it shows me a console window with all the commands. This is a serious bug, everything should be hidden!!!


Also, for some strange reason the exe is not getting copied to the AppData folder and no startup entries are created after I downloaded the latest git version. This worked OK with an earlier copy of mine???

LearnerZone commented 7 years ago

Using pyinstaller --noconsole --onefile fixes the visible window issue, but the exe is still not getting copied to the AppData folder and no startup entries are created with the new code from this repo. The exe compiled from Ritiek's code works fine!!!

LearnerZone commented 7 years ago

Found the issue: if hide_folder is already there from a previous infection, it won't execute the initialization steps again and there will be no infection.

Leaving the issue open for others to decide what to do with it! I suggest deleting hide_folder on self-destruct so we do not break the RAT on future infection.

mvrozanti commented 7 years ago

A few things:

1) Titles should be self-explanatory.

2) Only one Issue per issue.

3) If you want Ritiek's code feel free to clone old commits.

4) This is a personal project - expect things to break some time or another. I'm not doing this for money. Fix your attitude.

So... If hide_folder is already on that computer it means this has already been run. Can you elaborate on "future infection"?

LearnerZone commented 7 years ago

Sorry, but my intention was not to offend anyone. Maybe since English is not my main language it might have sounded wrong.

If hide_folder is not deleted on self_destruct, any future infection will fail, as this condition will not be satisfied for the persistence routine to kick in: if not os.path.exists(hide_folder):

mvrozanti commented 7 years ago

commit cc7afe5c15af154a1214cc0360b65279a098fdb8