Sitting on the Lolbins, 8

August 27, 2019 in Anti-Forensics, Living off the land, LOLBins, Reusigned Binaries

Another launcher from Dell is presented below. Similarly to the one I described earlier, it relies on an .ini file named after the main .exe. This time, though, the commands can be selected depending on the OS version, e.g.:

[CommandLine]
Command_x86=java.exe
Command_XP_x64=java.exe
Command_2003_x64=java.exe
Command_VISTA_x64=java.exe

Sample: 00F87A7F5BC496DA831ECA31010521D2297621575DAA163FA2E9CD50DB5461A9

Sitting on the Lolbins, 7

August 26, 2019 in Anti-Forensics, Living off the land, LOLBins, Reusigned Binaries

This is another launcher from Dell (internal name: User’s Guide Launcher). It requires an .ini file named the same way as the launcher executable, and it must be present in the same directory (i.e. test.exe requires test.ini).

The .ini file content is pretty straightforward:

[CommandLine]
Command=<your command line>

Sample:

63FC24D30228FA08D46CF8B86C53C77E5A3CCED78B96E133CEC71C71FC179519
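
A defender-side check for the pattern both posts describe, as an added example that is not from the original posts: it walks a directory tree and reports every NAME.exe that has a sibling NAME.ini with Command* keys under [CommandLine]. The function names and the sample tree are constructed for illustration; it assumes the .ini is ASCII/UTF-8 text and that every key of interest starts with "Command", as in the two snippets above.

```python
import configparser
import tempfile
from pathlib import Path


def read_launcher_commands(ini_path):
    """Return {key: value} for Command* keys in the [CommandLine] section."""
    # interpolation=None keeps values such as %TEMP% literal; split on "=" only.
    parser = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    parser.optionxform = str  # keep key case, e.g. Command_XP_x64
    try:
        text = Path(ini_path).read_text(encoding="utf-8-sig", errors="replace")
        parser.read_string(text)
    except (OSError, configparser.Error):
        return {}  # unreadable or not INI-shaped: nothing to report
    for section in parser.sections():
        if section.lower() == "commandline":
            return {k: v for k, v in parser.items(section)
                    if k.lower().startswith("command")}
    return {}


def find_launcher_pairs(root):
    """List (exe, ini, commands) for NAME.exe + NAME.ini pairs with Command* keys."""
    hits = []
    for ini in sorted(Path(root).rglob("*")):
        if not ini.is_file() or ini.suffix.lower() != ".ini":
            continue
        commands = read_launcher_commands(ini)
        # Windows file names are case-insensitive, so compare lowercased stems.
        exes = [p for p in ini.parent.iterdir() if p.is_file()
                and p.suffix.lower() == ".exe" and p.stem.lower() == ini.stem.lower()]
        if exes and commands:
            hits.append((exes[0].name, ini.name, commands))
    return hits


def demo():
    """Constructed sample tree: one launcher-style pair, one unrelated .ini."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "test.exe").write_bytes(b"MZ")  # placeholder, not a real PE
        (root / "test.ini").write_text(
            "[CommandLine]\nCommand_x86=java.exe\nCommand_XP_x64=java.exe\n")
        (root / "other.ini").write_text("[Settings]\nLang=en\n")
        return find_launcher_pairs(root)


if __name__ == "__main__":
    for exe, ini, commands in demo():
        print(exe, ini, commands)
```

A hit is only a lead: pair it with a signature check on the .exe and a look at what the listed command actually launches.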