Hello, coders!
I want an executable/PE protector.
The project should be consist of 3 parts, as following:
1. A client in which you choose the target PE to be encrypted
2. A stub/loader. The client is supposed to encrypt the whole target PE and embed it in the stub/loader.
3. Unique source scrambler. This should create unique API names that are used with the stub.
Basically, this should only randomize output source that could easily be copy 'n pasted into the stub source.
Requirements:
1. APIs shouldn't be easy to located with 3rd party tools like PEiD.
2. Encryption algorithm to be used: RC4 or Simple XOR.
3. The stub should never drop the decrypted executable to the harddrive.
It must be decrypted in memory and executed in there as well.
This requires you having knowledge about APIs such as CreateProcess, VirtualAllocEx, NtUnmapViewOfSection, NtWriteVirtualMemory, NtGetContextThread, NtSetContextThread and NtResumeThread.
In order to "hide" such APIs, you must/will probably have to use this API: GetProcAddress.
I can do this easily for you sir! I have 7 years of C/C++ knowledge, including GUI design.
I've made a similar polymorphic exe encrypter before and I can do this for you in about 3 hours.