Viruses impersonating image file formats is difficult, right? In today’s tutorial I’m going to share with you a trick that can be done. Viruses will be masquerading as .png, .jps, .txt, .psd files etc…. When victim clicks on then it will run as .exe virus.
| Join the channel Telegram of the AnonyViet 👉 Link 👈 |
This is a bug of Winrar 4.0 version previously exploited by hackers. Therefore, when the victim is still using the old version of Winrar, it will be able to be attacked by this virus file extension method.
However, this article is for reference and learning purposes only. The main purpose of studying knowledge and serving learning is. If you want to change the Virus extension to another file format, you need to prepare a few things as follows as instructed below.
Prepare tools
- Winrar 4.0 decompression software
- Your original Virus file.
- Tool HxD (Download at the link below)
Here is the link to Download HxD from the homepage
This tool will be recognized as Virus because it is used to fake Virus.
If you are not secure, please use it on VMWare virtual machine !!
Fake Virus Guide
This method only works when you change the file extension with Winrar 4.0, and victime opens the file directly from Winrar 4.0
- Install HxD as usual.
- Put the software icon in the same folder as the file to be attached.
Compress these two guys into .zip format with Winrar Archive. Then drag the compressed file to the HxD icon as shown in the image below.
After dragging and dropping in, you will see this window, including all lines of code as shown:
Press key combination Ctrl + F to find. Enter the name of the file you compressed in the search box. There will be 2 results appear, you find the result below at the end. For example, in my virus file named EvilLovesMe.exe then I will enter in the search box EvilLovesMe
You will find results like the image below:
Here you change the tail of the result below to the extension of the File you want to fake. On the picture, I changed it to .jpg. Finally, Save and exit Winrar, double-click the zip file and see the results.
Like Fanpage or follow website for quick updates of good articles.
Good luck
Lmint.
