Release-0.0.4

Infos

New version of the ADR project. This version no longer supports discord webhooks but a simpler version with tcp server.
In this v4 release you will find

• payload (xor 11 ko)
• payload (dll 11 ko)
• loader (10 ko)
• unpacker (9 ko)

Unpacker

unpacker est le nouvel outil fourni avec la release, voici comment on l'utilise :

this command launches the tcp server on port 12345, then you have to open an external port with port forwarding so that the payload can connect

unpacker.exe

this command allows you to decompress the received packet and therefore be able to retrieve useful information

unpacker.exe <files...>

like this

unpacker.exe C:\user\documents\pack_343946 C:\user\documents\pack_29396 

Release-0.0.3

Infos

bADR (10 ko)

Reduced size with the transition from C++ to a C version

• ❌ Virustotal 6/71
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

gADR (5 mo)

golang version of bADR

• ❌ Virustotal 4/71
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

bADR (ISO 70 ko)

Bypass Windows SmartScreen with ISO (packer.py)

• ❌ Virustotal 4/71
• ❌ Windows Defender
• ❌ Chrome AntiVirus

bADR.mt (54 ko)

Runtime Library set to Multi-threaded to reduce imports

• ❌ Virustotal 11/69
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

ADR (XOR 305 ko)

• ✅ Virustotal 11/71
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

Release-0.0.2

Infos

bADR (12 ko)

• ❌ Virustotal 11/71
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

ADR (XOR 305 ko)

• ✅ Virustotal 11/71
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

ADR (dll)

• ❌ Virustotal 4/70
• ❌ Manalyzer
• ✅ Chrome AntiVirus
• ✅ Windows Defender

Release-0.0.1

Infos

optimized version of ADR with a reduced size thanks to UPX

bADR (12 ko)

• ❔ Virustotal 2/70
  • ❌ Elastic (moderate)
  • ❌ SecureAge(MALICIOUS)
  • ✅ 70...
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer

ADR (XOR 302 ko)

• ✅ Virustotal 72/72
• ✅ Windows Defender
• ✅ Chrome AntiVirus
• ✅ Manalyzer