Scantime and Runtime Crypter: what is it? We explain how a utility can make a file or server FUD (undetectable) to antivirus software!
What is a Scantime and Runtime crypter?
Have you ever seen these expressions before?
You surely know about cryptography, or have already come across it on your computer;
here is the link detailing what cryptography is, thanks to our friend Search Security!
Why include an article that has almost nothing to do with our applications, and what is the link with these Scantime and Runtime Crypters?
Simply because “Crypters” work the same way: the malicious user “encrypts” his application, without of course corrupting it, so that it can run silently.
Today’s topic is application encryption, a method that allows “hackers” to get past anti-virus software and launch their malicious executable(s) without any reaction from it.
Here is an example of Scantime and Runtime encryption:
Why don’t the antiviruses detect anything?
Quite simply, the process used is rather special. There are several types of encryption for applications; here they are:
Scantime: The application is encrypted so that it is not detected by a simple anti-virus scan.
Runtime: The application is encrypted and injected into a process, most often a Windows process such as “vbc.exe” or “svchost.exe”. From there the malicious application is launched silently, provided that the RunPE code (the code that performs the injection) is not detected by anti-virus software.
With either of these bypass methods, do not forget that everything is encrypted using a cryptographic algorithm, for example Triple DES.
A link about Triple DES on Wikipedia:
That’s not all!
To keep their applications undetectable for as long as possible, crypters come with additional features:
USG (Unique Stub Generator): This makes each executable very different from the ones created previously (for example, each file will be 98% different).
Junk Code: Adds code at random to make detection even more complicated, for example fake modules, functions and comments in the application.
Unfortunately, encryption is within everyone’s reach on the Internet. This tutorial will teach you not to get caught out: for example, when you download an application that is not widely used and not very reliable, the best thing to do is send the executable to the VirusTotal site, which will scan the file for you with more than 45 anti-virus engines!
VirusTotal official website.
This will greatly annoy the creators of these crypters, since the executables are sent to anti-virus companies, who then analyze the application, and it ends up being detected much more widely!
The best solution is of course not to finance the developers of scantime and runtime crypters; to learn, there is nothing better than creating your own to try on your computer!
On Hackforums.net a lot of scammers sell their scantime and runtime encryption. Don’t be fooled and don’t spend money on it; just buy a moo box, at least it will be useful.
The same goes for other hacking sites: don’t buy anything.
Now you know what a Scantime and Runtime Crypter is.
If you want to know a good “whitehat” hacking forum whose members fight for the good cause, you can go to the Hackademics forum.
I hope you enjoy this tutorial; a little sharing could support us.