146 – CREATE SELF-EXTRACTING .EXE FILES TO AVOID ANTIVIRUS DETECTION

INTRODUCTION

Due to AntiVirus scan-and-removal software, it is quite common these days to find that a useful little tool or utility .exe file has mysteriously disappeared!

Your AV software may have ignored it for months, but then suddenly, after a ‘AV virus definitions update’ it now takes a strong dislike to it and deletes it!

Even if you zip up the file, most AV software will detect and flag it.

Here is a way of hiding such files – e.g. Many nirsoft and syssoft utilities seem to trigger AV detection because they could be used for naughty purposes.

ENCRYPTION

You can make an encrypted self-extracting .exe file using 7Zip from the command line

“c:\Program Files\7z\7z.exe” a -sfx -pmypassword c:\temp\new c:\temp\nircmd.exe

This makes a new.exe file which is protected by a password.

In this case, nircmd.exe is the file we want to encrypt.

-sfx causes it to make a self-encrypted exe file.

Because we have made a self-encrypted file, we can distribute it to others via the web or add it to our Windows batch files without needing 7Zip.

EXTRACTION

To extract the files from the zip file, you can run it with the following parameters from a batch file:

c:\temp\new.exe -p”mypassword” -y -oc:\temp\1\

REM now we can quickly run the exe…

c:\temp\1\nircmd.exe speak text “Hi”

where C:\temp\1 is the destination folder (if omitted, the current folder will be used).

-y forces it to overwrite any existing file of the same name.

Of course, you can just double-click on the file too, to unpack it.


7zSFX.exe

There is an old project here which provides a simple GUI to make a 32-bit SE .exe file (from a file or folder) which will then run as Admin, extract the files to a temporary location and then run a specified file (use drop-down list for Execute File).



Easy2Boot (E2B) is popular multiboot USB solution that also contains agFM and Ventoy. It supports both Legacy and UEFI.
Simply copy on your bootable ISO files to the E2B USB drive and boot! Boot to DOS, Linux, Windows Install ISOs (XP>Win11),
automate Windows installs, WIM files, VHD files, images of flash drives, Linux ISO+persistence, etc.
E2B is unique in that it uses partition images which allows you to directly boot from Secure Boot images (no need to disable Secure Boot or run MOK manager or modify your UEFI BIOS).

eBooks

The following eBooks (in PDF format) are available from the developer (rated 4.5/5 stars).

Also visit Easy2Boot.xyz and the my blog – please subscribe for the latest news, tips, USB boot articles and news of free eBook updates.