For those who are less experienced with pay per install method:
Binders - Or joiners as some of you like to call, are tools that bind (join) two files together so they look like one file. Of course it is used to bind your payload (aka ppi.exe) with file you are sharing, for starters iexpress is ok but later you should buy/code your own binder because they are detected by Anitvirus.
FUD binders means that they are fully undetectable by Antivirus, more private binder is, more likely to stay FUD is.
Iexpress is Windows default binder, and can be started via Run command> iexpress.exe
NOTE TO ALL: Don't scan your binded files on VirusTotal because they send files for analyzing to virus companies !!!
Downloaders - Small app that should be binded together with the file you are sharing and when it is started it downloads and install your ppi.exe from web (your or companies web server)
PPI companies frequently change their .exe file to be FUD, so via downloader you can only change the file it downloads and no need to remake your torrents and other files again.
Of course downloaders can/are detected by AV's but i think they are easier to code and are less likely to get notice by Antivirus software.
Crypters - Will of course crypt your payload to be FUD, but can screw it so you wont get any installs, so if you are not sure what are you doing don't use them.
Rember, this stuff is public release, so it is probably detected by some AV.
No comments:
Post a Comment