The exploit generates a fake .txt file with a backdoor. The main idea is to execute an exe/bat file without the user knowing about it. DM my Telegram to buy: @shinyenigma
The .lnk invokes a hidden PowerShell console ➡️ The PowerShell script downloads/creates a txt file with the same name and opens it in Notepad, then downloads, saves and starts the exe file you've bound
✅NEW: additional link encoding and obfuscation
✅Easy-to-use builder
✅Fake description generator
✅Hiding the backdoor code deep inside the binary. It is impossible to see the file content in the properties string (see the screenshot below)
✅Txt downloading option for long text files
✅Silent PowerShell console in the background
✅Anti-analysis - any change of properties will turn the infected file into a harmless one, all the malicious code will be destroyed
✅Bypassing Windows SmartScreen alert (the application will be started by another (trusted) application)
✅Windows Defender doesn't block or delete the generated file
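
For defenders, the chain described above (shortcut opened from Explorer, hidden PowerShell console, decoy text file in Notepad plus a newly saved exe) can be hunted in process-creation telemetry. The following is an added example, not part of the original post: the event field names, PIDs, paths and file names are constructed sample data, and it assumes the payload starts as a direct child of PowerShell.

```python
import re

# Constructed process-creation events (field names are assumptions, loosely
# modelled on Sysmon Event ID 1). PIDs, paths and file names are sample data.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EVENTS = [
    {"pid": 100, "ppid": 4, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": PS,
     "cmd": "powershell.exe -w hidden -Command <constructed-placeholder>"},
    {"pid": 210, "ppid": 200, "image": r"C:\Windows\System32\notepad.exe",
     "cmd": r"notepad.exe C:\Users\u\AppData\Local\Temp\invoice.txt"},
    {"pid": 220, "ppid": 200, "image": r"C:\Users\u\AppData\Local\Temp\svc.exe", "cmd": "svc.exe"},
    # Benign look-alikes that must not alert:
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\notepad.exe",
     "cmd": r"notepad.exe C:\Users\u\Documents\todo.txt"},
    {"pid": 400, "ppid": 100, "image": PS, "cmd": r"powershell.exe -File C:\Scripts\backup.ps1"},
]
USER_WRITABLE = re.compile(r"(?i)\\(users|programdata|windows\\temp)\\")

def is_hidden(cmd):
    """True if the command line passes -WindowStyle Hidden (any prefix of the flag, or value 1)."""
    for flag, _ in re.findall(r"(?i)[-/](w[a-z]*)\s+(hidden|1)\b", cmd):
        if "windowstyle".startswith(flag.lower()):
            return True
    return False

def find_decoy_chains(events):
    """Flag explorer -> hidden PowerShell that spawns both a Notepad decoy and a dropped exe."""
    image = {e["pid"]: e["image"].lower() for e in events}
    children = {}
    for e in events:
        children.setdefault(e["ppid"], []).append(e)
    hits = []
    for e in events:
        is_ps = e["image"].lower().endswith(("\\powershell.exe", "\\pwsh.exe"))
        from_shell = image.get(e["ppid"], "").endswith("\\explorer.exe")
        if not (is_ps and from_shell and is_hidden(e["cmd"])):
            continue
        kids = children.get(e["pid"], [])
        decoy = [k for k in kids if k["image"].lower().endswith("\\notepad.exe")
                 and k["cmd"].lower().endswith(".txt")]
        # Assumption: the payload runs as a direct child from a user-writable path.
        drop = [k for k in kids if k["image"].lower().endswith(".exe")
                and USER_WRITABLE.search(k["image"])]
        if decoy and drop:
            hits.append({"pid": e["pid"], "decoy": decoy[0]["cmd"], "payload": drop[0]["image"]})
    return hits

if __name__ == "__main__":
    print(find_decoy_chains(EVENTS))
```

Because the listing says the application is started by another (trusted) application, the payload may not be a direct child of PowerShell; in that case widen the `drop` check to all descendants of the hidden console.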