Executables are the traditional trojan horses when it comes to delivering malicious code into a target. Executables can be crafted, moulded and camouflaged to hide the malicious code within. Here are some of the tools to get it done.
Cross Compilation - Exe in Linux
Many a times an executable may have to be crafted in a Linux server. MinGM is a great tool to get it done,
UPX is an open source executable packer that is capable of compressing an executable. The executable does not require any special extractor or memory to run on the target system.
upx filename
upx -d filename #decompress command
Masquerade Executable into Hex file
Exe2hex is a handy tool to convert an exe into a hex file and have powershell convert it back in the target machine. This is more useful for tricking firewalls and antivirus softwares.
It is possible to inject malicious code into a well known executable such as the installer for winrar or winzip. Besides the installation of the actual software, the malicious code will also get executed in the target system.
Shellter is a great tool for achieving dynamic shell code injection.
