Ever have that not so safe feeling uploading your malware binaries to VirusTotal or other AV sites because you can look up binaries by hashes? (Example: https://github.com/mubix/vt-notify)
Feel somewhat safer with Recomposer!*
Recomposer will take your binary and randomly do the following:
- Change the file name
- Change the section names
- Change the section flags
- Injection random number of five different types of nops into each available code cave over 20 bytes in length
Supports win32/64 PE Files!!
Two modes:
- Manual: Works like a PE Editor, change section names and flags
- Auto: Randomly changes the binary
- No hash collisions
- ssdeep matching percentage to the original file ranged from 94% to 77%