Skip to content

Inject your x64 bit executable to any process, masking it as a legitimate process for Anti-Virus evasion.

Notifications You must be signed in to change notification settings

clasy0947/PEx64-Injector

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 

Repository files navigation

PEx64-Injector (Process Migrator)

Migrate any x64 exe to any x64 process (Net FrameWork 3.5)

No Administrator privileges required.

GIF Demo

PoC

How can be used?

shot

Download here.

Usage: Migrator.exe payload(fpath) Migratefile(fpath)

Example: Migrator.exe C:\Users\User\Desktop\Putty64.exe C:\Windows\System32\notepad.exe

Keep as a note that when you specify the migratefile it will launch as a new process and won't migrate to an already running process.

Such tool can be utilized for AV evasion, masking malicious software under legitimate process.

Code

Todo: download/execute function to load remote files.
Special thanks to GigaJew.

About

Inject your x64 bit executable to any process, masking it as a legitimate process for Anti-Virus evasion.

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C# 100.0%