Folder In Use about blank-grabber HOT 11 CLOSED

Also is there anyway we can find where the stub is hidden?

from blank-grabber.

Your pc is saying that your dist folder is in use because the grabber hide itself when you opened it. Close it with taskmanager. Process name "fsutil.exe".

If the startup option is set to True, it will hide the exe in %appdata% folder and its vbs script containing the exe's path in shell:startup folder.

If you want to delete the file from your appdata folder. Just open cmd and navigate to the %appdata% folder.
type attrib "filename" -s -h
It will reveal itself and delete it

from blank-grabber.

thank you very much

from blank-grabber.

do you have any tips on how we could obfuscate the grabber to give it enough time to run before AV detects it? you could answer here or add my discord are17#1427

from blank-grabber.

@dotmp4 One way to to obfuscate it with some key and use the random module to bruteforce the key. It might take enough time on some runs. Also, most of the antiviruses do not run the program in their space. They just check if the hash of the file or strings in it are similar to other malware or not

from blank-grabber.

so basically just use key obfuscation and use that to obfuscate the finished exe? I also appreciate you for responding back quickly and solving everyone's problems. your software is amazing

from blank-grabber.

Thanks for the amazing review.
you can also make the exe sleep instead of the bruteforcing method.

import time

time.sleep(100) #Pause the execution for 100 seconds and then continue```

from blank-grabber.

where would i input this code?

from blank-grabber.

replace the line 22 of your main.py

with

import time; time.sleep(100)

from blank-grabber.

just did it and it waited 100 seconds. what does this do exactly?

from blank-grabber.

It pauses the execution of the grabber and continue it after 100 seconds

from blank-grabber.