Your tool is amazing 🖤 but the explanation is not accurate: the download method needs to chain a MOTW bypass vulnerability to be effective, or exploit vulnerabilities in how downloads are handled by Adobe to call unintended methods that can bypass SmartScreen.
Downloading unsigned raw binaries from a browser will make SmartScreen rage, a lot. You must first bypass SmartScreen, then the victim can trust you. Otherwise they will get the blue banner "Unrecognized app, don't run", most average Windows users will shit their pants on this banner and just delete the dropper.
However, Mr. 0x6rss, the first part of the attack is very well-crafted, I like the Python injector. Thank you. 🖤