QLoader is a PE loader creator that helps you quickly create a non-exe loader for application
- Easy to Create a non-exe Loader to avoid Anti-Virus Detection
- Easy to Define Patching Patterns under the JSON File Format
- Easy to Modify Patching Information (Target, Pattern, etc)
- Support both PE 32-bit & 64-bit
- Modify direct the created Loader for updating (do not need to
Save Projectfor maintenance) - Create Loader as
- Windows Shortcut .LNK
- Internet Shortcut .URL
- HTML Hyperlink
qloader: ...(liketel: ...,skype: ..., etc)
- Patching Methods
- Fully Loaded
- At Entry Point
- Unpacking (
TODO Later)
Released under the MIT license
Note: Remember to turn on sub-title (CC) when watching
Pattern File (Template)
{
"name": "this is a name",
"brief": "this is a brief",
"modules": [
{
"name": "user32.dll",
"enabled": true,
"patches": [
{
"name": "patch 1",
"pattern": "11 22 ?? 44",
"replacement": "12 21",
"offset": "1h",
"enabled": false
},
{
"name": "patch 2",
"pattern": "33 44 ?? ?? 77",
"replacement": "34 43",
"offset": "0x2",
"enabled": true
}
]
},
{
"name": "kernel32.dll",
"enabled": false,
"patches": [
{
"name": "patch 3",
"pattern": "55 66",
"replacement": "56 65",
"offset": "3",
"enabled": true
},
{
"name": "patch 4",
"pattern": "77 88",
"replacement": "78 87",
"offset": "4h",
"enabled": false
},
{
"name": "patch 5",
"pattern": "99 ?? AA BB CC DD FF",
"replacement": "90 09",
"offset": "0x5",
"enabled": true
}
]
}
]
}
Take a look at the test folder to see more examples
Required
Installed
Visual Studio C++ 2019or laterInstalled Vutils library
Steps
Step 1. Check the repo by command
git clone --recursive https://github.com/vic4key/QLoader.gitStep 2. Open
QLoader.slninMS Visual Studioand start to work
- Support
Unpackingpatching method that using for complex packed/protected target - Support builtin editor or a quick way for adding new patch entry