First, we test and encode Warzone RAT without selecting any options, and then we try again with the Warzone RAT options selected.
Before starting the encryption, test the file for a successful connection.
If you connected successfully, follow these steps:
Leave the Warzone RAT settings as they are and use the Data Encoder Crypter options instead.
In Data Encoder Crypter, leave the Injection Host unchanged if you don’t know what it is or how it works.
We have explained the primary features in this tutorial. You can use options such as cloning a code-signing certificate.
Change the assembly to get FUD results. Note: most detections come from the assembly and icons, so use clean ones.
Cloning the assembly from less popular apps is the best option.
Also, the “Compress” or “Increase File Size” option can help get FUD results.
You can use the Clone certificate option too. For more information, read how to make a FUD file with a crypter.
Click the Encode button and choose a name that matches the assembly. (Most antivirus products are sensitive to this, so choose the right name.) We recommend watching the videos on how to bypass antivirus.
Now run the encrypted file and wait for the connection.
We chose AddInProcess32 as the injection host, so the file’s process name will change to it. Read about crypter process hollowing and PE injection for more details.
Finally, the encrypted Warzone RAT payload gets a successful connection, and you have made the FUD Warzone payload.
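From the defender's side, the process-name change described above is itself a signal. The following is an added example, not part of the original tutorial or of any product it names: it scans process-creation and network events for AddInProcess32.exe instances started without the `/guid:` and `/pid:` arguments (assumed here to be how legitimate add-in hosting launches it) or from a parent in a user-writable path. Field names follow Sysmon; the events, paths and function name are constructed for illustration.

```python
import ntpath

# Constructed sample records using Sysmon field names (EventID 1 = process
# creation, EventID 3 = network connection). Every value here is made up.
HOST_PATH = r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessGuid": "{A2}", "Image": HOST_PATH,
     "CommandLine": HOST_PATH,
     "ParentImage": r"C:\Users\bob\Downloads\invoice_viewer.exe"},
    {"EventID": 3, "ProcessGuid": "{A2}", "Image": HOST_PATH,
     "DestinationIp": "203.0.113.10", "DestinationPort": 5200},
    {"EventID": 1, "ProcessGuid": "{B1}", "Image": HOST_PATH,
     "CommandLine": HOST_PATH + " /guid:0f8fad5b-d9cb-469f-a165-70867728950e /pid:4120",
     "ParentImage": r"C:\Program Files\ExampleApp\host.exe"},
]

HOST_NAME = "addinprocess32.exe"
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")


def flag_injection_host(events):
    """Return {ProcessGuid: [reasons]} for suspicious AddInProcess32 instances.

    Events must be in time order so a process creation precedes its
    network connections.
    """
    findings = {}
    for ev in events:
        if ntpath.basename(ev.get("Image", "")).lower() != HOST_NAME:
            continue
        guid = ev["ProcessGuid"]
        if ev["EventID"] == 1:
            cmd = ev.get("CommandLine", "").lower()
            parent = ev.get("ParentImage", "").lower()
            # Assumption: a legitimate add-in host is launched with both arguments.
            if "/guid:" not in cmd or "/pid:" not in cmd:
                findings.setdefault(guid, []).append("started without add-in host arguments")
            if any(p in parent for p in USER_WRITABLE):
                findings.setdefault(guid, []).append("parent runs from a user-writable path")
        elif ev["EventID"] == 3 and guid in findings:
            # Only escalate network activity for instances already flagged.
            findings[guid].append(
                f"outbound connection to {ev['DestinationIp']}:{ev['DestinationPort']}")
    return findings


if __name__ == "__main__":
    for guid, reasons in flag_injection_host(SAMPLE_EVENTS).items():
        print(guid, "->", "; ".join(reasons))
```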
Now we select Warzone RAT settings such as Startup, Offline Microphone Recording, Offline Keylogger, and Persistence/Watchdog. Let’s make a FUD Warzone RAT.
Enter your hostname and port as mentioned before, and build the Warzone RAT client.
Note: test the file again before encrypting. If you get a successful connection, follow these steps:
You must use a runtime FUD crypter such as Data Encoder Crypter and set the Injection Host to “Itself” in this section.
Note: the file is injected into itself, so the process name remains the same as the file’s name.
Change your assembly and follow all the previous options to get FUD results. We recommend watching the videos on bypassing Windows Defender.
Now test the encrypted Warzone RAT payload and see the successful connection. Test your encrypted file with the crypter Runtime tool too.