well this is quite simple bro´s...


if you once got the server of any badass who wants to infect you or any other or maybe this scenario..
you know anyone will seed nfect others by spread his malware ( bifrost ) anywhere ...


1.
download it

2.
open his server in hex editor

3.

cut the EOF data and save it to HIJACKED_STUB.exe


nearer explantation:

to step 1

if ya not abled to dl anything by yourself ...sry XD

2.
take any ...realy any hexeditor of your choice
( be sure you are not executing it )


3.
scroll to the end of the server
the last data you´ll find these are the EOF data ...
there are the settings dns where to inject and such placed .....
[attachimg=1]

cutting these of will make it an normally stub again...


i cant tell you the exactly place of the offset coz you will hardly find an not encrypted server
in the internet ... bifrost itself is to detected and the size depends on the crypter stubs size .
so if you are a lil experienced you will be abled to find it ;)

good luck haZl0oh
=========================================


any moderator can move it to undetection papers pls ???
thx