Dr0p1t – Framework to Create Dropper and Bypass most AVs

Dr0p1t is a framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks. Trojan dropper is type of malware that downloads other malwares and Dr0p1t gives user the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks.

Dr0p1t - Framework to Create Dropper and Bypass most AVs
Dr0p1t – Framework to Create Dropper and Bypass most AVs

Features included with this framework are:

+ Generated executable properties:

  • The executable size is smaller compared to other droppers generated the same way.
  • Download executable on target system and execute it silently..
  • Self destruct function so that the dropper will kill and delete itself after finishing it work
  • Escape disk forensics by making all the files dropper create and dropper also cleans its content before deletion
  • Clear event log after finishing.

+ Framework properties:

  • Works with Windows, Linux and now have OSX support
  • Dr0p1t-Server feature (beta)
  • Dr0p1t-Server have a scam option (beta)

+ Modules:

  • Find and kill antivirus before running the malware.
  • The ability to disable UAC.
  • The ability to run your malware as admin.
  • Full spoof by spoofing the file icon and extension to any thing you want.
  • ZIP files support so now you can compress your executable to zip file before uploading.
  • Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable
  • In running powershell scripts it can bypass execution policy
  • Using UPX to compress the dropper after creating it

+Persistence modules:

  • Adding executable after downloading it to startup.
  • Adding executable after downloading it to task scheduler ( UAC not matters ).
  • Adding your file to powershell user profile so your file will be downloaded and ran every time powershell.exe run if it doesn’t exist.

You can read more and download this tool over here: https://github.com/D4Vinci/Dr0p1t-Framework

Share