SLAE - Polymorphic Shell
December 25th, 2021
Michael Metzjer

Summary
Code that uses a polymorphic engine to mutate while keeping the original algorithm intact.
https://en.wikipedia.org/wiki/Polymorphic_code

Structure
-- aes.c
-- aes.h
-- aes.hpp
-- main.cpp
-- ncrypt.cpp

AES256 Encryption Compiler
$ g++ -c includes/aes.c -o aes.o

Shellcode Encryption
$ g++ ncrypt.cpp aes.o
(256 encryption key)

PE Injection Compiler
$ g++ main.cpp aes.o

Task
Attempt at writing a custom malware binary plus remote process simulation, with encrypted shellcode that executes with minimal AV detection. (Educational)

1. Creates a new process in suspended mode to host the malicious code.
2.
3.
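
From the defender's side, an AES-encrypted payload offers no stable bytes for a signature to match, but ciphertext sits close to the 8 bits-per-byte entropy ceiling, so a sliding-window entropy scan is a common static triage check. The sketch below is an added example, not code from this project; the window size, the threshold, the function names and the sample buffer (a SHA-256 counter stream standing in for AES output) are all assumptions.

```python
import hashlib
import math
from collections import Counter

WINDOW = 512      # bytes per window (assumed value)
THRESHOLD = 7.2   # bits per byte; 8.0 is the maximum (assumed cut-off)

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of data in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def high_entropy_regions(buf: bytes, window: int = WINDOW,
                         threshold: float = THRESHOLD):
    """Return merged (start, end) offsets of windows at or above threshold."""
    regions = []
    # Half-window stride so a blob is caught regardless of alignment.
    for off in range(0, max(len(buf) - window + 1, 1), window // 2):
        chunk = buf[off:off + window]
        if shannon_entropy(chunk) >= threshold:
            end = off + len(chunk)
            if regions and off <= regions[-1][1]:
                regions[-1] = (regions[-1][0], end)   # extend previous hit
            else:
                regions.append((off, end))
    return regions

def constructed_sample():
    """Constructed buffer: repetitive code-like filler around a random-looking blob."""
    filler = (b"\x55\x48\x89\xe5\x48\x83\xec\x20\x90\x90\xc3\x00" * 100)[:1024]
    # Deterministic stand-in for ciphertext: 32 SHA-256 digests = 1024 bytes.
    blob = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(32))
    return filler + blob + filler, len(filler), len(blob)

if __name__ == "__main__":
    buf, blob_off, blob_len = constructed_sample()
    for start, end in high_entropy_regions(buf):
        # Compressed data also scores high, so a hit is a lead for triage, not a verdict.
        print(f"high-entropy region 0x{start:x}-0x{end:x} "
              f"({shannon_entropy(buf[start:end]):.2f} bits/byte)")
```
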