How to create Trojans
“Nothing is what it seems.”
Taught by: Peter Zsiros
Length: 2 hours
A Trojan is a malicious computer program employed by cyber-thieves and hackers trying to gain access to users systems. These malware misrepresent themselves to appear useful, routine, or interesting in order to persuade a victim to run it.
In this minicourse we will show you how Trojans are created in different ways. We will cover automatic creation with wrappers, automatic creation with Metasploit, and we will also create a Trojan manually. Creating them will give you a great insight into how they work and spread.
For tech connoisseurs who like to go deep into the bits
Basic programming knowledge, what the register is, basic assembly knowledge, how networks function.
Minimum 1GB memory, 10GB HDD for the virtual machine
You will learn how executable files work and how they are structured. You will also learn how they are made and how can they spread.
Section 1 - Creating a simple Trojan by wrapper
We will create a Trojan with a wrapper application. We add the nc.exe as payload to the .NET 2.0 installer.
Section 2 - Creating Trojans with Metasploit (MSFvenom)
We create a simple Trojan with the Metasploit Framework. First with the built-in carrier application, then into another executable. At the end we check them on VirusTotal to get to know how many AV solutions are able to identify it.
Section 3 - Creating and encoding Trojans manually
First we will insert a well known Metasploit payload to a carrier application (.NET 4.0 installer) manually, then use the VirusTotal to check how many AVs are able to recognize it. After that we encode our previously created Trojan with the simplest XOR method then upload it again to the VirusTotal for AV testing.