4rchib4ld
4rchib4ld
/ Photoloader C2
Last active
May 14, 2021 10:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tvorartificialnature.xyz | |
| secondpilots.space | |
| stoikoplot.xyz | |
| provokordino.space | |
| oceanwaterfree34.xyz | |
| otreincomsal.space | |
| holkaxlopot.space | |
| 234tvgro.space | |
| gladdisfliop.xyz | |
| afdeserutil32.website |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binascii | |
| import string | |
| import pefile | |
| import argparse | |
| def extractPayload(file): | |
| # Extracting the payload from the .data section | |
| print("[+] Extracting the payload...") | |
| pe = pefile.PE(file) | |
| for section in pe.sections: |