├── LICENSE
├── README.md
├── bin.samples
    ├── HelloDll
    │   ├── Debug
    │   │   └── HelloDll.dll
    │   ├── HelloDll.sln
    │   ├── HelloDll
    │   │   ├── HelloDll.cpp
    │   │   ├── HelloDll.vcxproj
    │   │   ├── HelloDll.vcxproj.filters
    │   │   ├── dllmain.cpp
    │   │   ├── stdafx.cpp
    │   │   ├── stdafx.h
    │   │   └── targetver.h
    │   └── Release
    │   │   └── HelloDll.dll
    ├── Hellobin
    │   ├── Debug
    │   │   └── Hellobin.exe
    │   ├── Hellobin.sln
    │   ├── Hellobin
    │   │   ├── Hellobin.vcxproj
    │   │   └── Source.cpp
    │   ├── Release
    │   │   └── Hellobin.exe
    │   └── x64
    │   │   ├── Debug
    │   │       └── Hellobin.exe
    │   │   └── Release
    │   │       └── Hellobin.exe
    ├── NewHello
    │   ├── NewHello.sln
    │   └── NewHello
    │   │   ├── App.config
    │   │   ├── NewHello.csproj
    │   │   ├── Program.cs
    │   │   ├── Properties
    │   │       └── AssemblyInfo.cs
    │   │   └── bin
    │   │       ├── Debug
    │   │           └── NewHello.exe
    │   │       └── Release
    │   │           └── NewHello.exe
    └── README.md
├── filesystem.dll
    ├── Dropper.sln
    ├── Dropper
    │   └── Dropper
    │   │   ├── Dropper.vcxproj
    │   │   ├── Resource.rc
    │   │   ├── Source.cpp
    │   │   └── resource.h
    ├── README.md
    └── x64
    │   └── Release
    │       └── Dropper.dll
├── filesystem.exe
    ├── Dropper.sln
    ├── Dropper
    │   └── Dropper
    │   │   ├── Resource.rc
    │   │   ├── Source.cpp
    │   │   └── resource.h
    └── README.md
├── inmemory.dll
    ├── Dropper.sln
    ├── Dropper
    │   ├── Dropper.vcxproj
    │   ├── Resource.rc
    │   ├── Source.cpp
    │   └── resource.h
    ├── README.md
    └── x64
    │   └── Release
    │       └── Dropper.dll
├── inmemory.filesystem.dll
    ├── Dropper.sln
    ├── Dropper
    │   ├── Dropper.vcxproj
    │   ├── Resource.rc
    │   ├── Source.cpp
    │   └── resource.h
    ├── README.md
    └── Release
    │   └── Dropper.dll
├── paper
    ├── roots_mlsec20.pdf
    └── roots_shallow.pdf
└── utils
    ├── README.md
    ├── basexor.py
    ├── encode.py
    ├── exports.py
    └── patch.py


/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/LICENSE


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/README.md


--------------------------------------------------------------------------------
/bin.samples/HelloDll/Debug/HelloDll.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/Debug/HelloDll.dll


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll.sln


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/HelloDll.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/HelloDll.cpp


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/HelloDll.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/HelloDll.vcxproj


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/HelloDll.vcxproj.filters:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/HelloDll.vcxproj.filters


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/dllmain.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/dllmain.cpp


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/stdafx.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/stdafx.cpp


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/stdafx.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/stdafx.h


--------------------------------------------------------------------------------
/bin.samples/HelloDll/HelloDll/targetver.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/HelloDll/targetver.h


--------------------------------------------------------------------------------
/bin.samples/HelloDll/Release/HelloDll.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/HelloDll/Release/HelloDll.dll


--------------------------------------------------------------------------------
/bin.samples/Hellobin/Debug/Hellobin.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/Debug/Hellobin.exe


--------------------------------------------------------------------------------
/bin.samples/Hellobin/Hellobin.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/Hellobin.sln


--------------------------------------------------------------------------------
/bin.samples/Hellobin/Hellobin/Hellobin.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/Hellobin/Hellobin.vcxproj


--------------------------------------------------------------------------------
/bin.samples/Hellobin/Hellobin/Source.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/Hellobin/Source.cpp


--------------------------------------------------------------------------------
/bin.samples/Hellobin/Release/Hellobin.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/Release/Hellobin.exe


--------------------------------------------------------------------------------
/bin.samples/Hellobin/x64/Debug/Hellobin.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/x64/Debug/Hellobin.exe


--------------------------------------------------------------------------------
/bin.samples/Hellobin/x64/Release/Hellobin.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/Hellobin/x64/Release/Hellobin.exe


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello.sln


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello/App.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello/App.config


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello/NewHello.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello/NewHello.csproj


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello/Program.cs


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello/bin/Debug/NewHello.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello/bin/Debug/NewHello.exe


--------------------------------------------------------------------------------
/bin.samples/NewHello/NewHello/bin/Release/NewHello.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/NewHello/NewHello/bin/Release/NewHello.exe


--------------------------------------------------------------------------------
/bin.samples/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/bin.samples/README.md


--------------------------------------------------------------------------------
/filesystem.dll/Dropper.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/Dropper.sln


--------------------------------------------------------------------------------
/filesystem.dll/Dropper/Dropper/Dropper.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/Dropper/Dropper/Dropper.vcxproj


--------------------------------------------------------------------------------
/filesystem.dll/Dropper/Dropper/Resource.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/Dropper/Dropper/Resource.rc


--------------------------------------------------------------------------------
/filesystem.dll/Dropper/Dropper/Source.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/Dropper/Dropper/Source.cpp


--------------------------------------------------------------------------------
/filesystem.dll/Dropper/Dropper/resource.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/Dropper/Dropper/resource.h


--------------------------------------------------------------------------------
/filesystem.dll/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/README.md


--------------------------------------------------------------------------------
/filesystem.dll/x64/Release/Dropper.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.dll/x64/Release/Dropper.dll


--------------------------------------------------------------------------------
/filesystem.exe/Dropper.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.exe/Dropper.sln


--------------------------------------------------------------------------------
/filesystem.exe/Dropper/Dropper/Resource.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.exe/Dropper/Dropper/Resource.rc


--------------------------------------------------------------------------------
/filesystem.exe/Dropper/Dropper/Source.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.exe/Dropper/Dropper/Source.cpp


--------------------------------------------------------------------------------
/filesystem.exe/Dropper/Dropper/resource.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.exe/Dropper/Dropper/resource.h


--------------------------------------------------------------------------------
/filesystem.exe/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/filesystem.exe/README.md


--------------------------------------------------------------------------------
/inmemory.dll/Dropper.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/Dropper.sln


--------------------------------------------------------------------------------
/inmemory.dll/Dropper/Dropper.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/Dropper/Dropper.vcxproj


--------------------------------------------------------------------------------
/inmemory.dll/Dropper/Resource.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/Dropper/Resource.rc


--------------------------------------------------------------------------------
/inmemory.dll/Dropper/Source.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/Dropper/Source.cpp


--------------------------------------------------------------------------------
/inmemory.dll/Dropper/resource.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/Dropper/resource.h


--------------------------------------------------------------------------------
/inmemory.dll/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/README.md


--------------------------------------------------------------------------------
/inmemory.dll/x64/Release/Dropper.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.dll/x64/Release/Dropper.dll


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/Dropper.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/Dropper.sln


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/Dropper/Dropper.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/Dropper/Dropper.vcxproj


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/Dropper/Resource.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/Dropper/Resource.rc


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/Dropper/Source.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/Dropper/Source.cpp


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/Dropper/resource.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/Dropper/resource.h


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/README.md


--------------------------------------------------------------------------------
/inmemory.filesystem.dll/Release/Dropper.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/inmemory.filesystem.dll/Release/Dropper.dll


--------------------------------------------------------------------------------
/paper/roots_mlsec20.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/paper/roots_mlsec20.pdf


--------------------------------------------------------------------------------
/paper/roots_shallow.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/paper/roots_shallow.pdf


--------------------------------------------------------------------------------
/utils/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/utils/README.md


--------------------------------------------------------------------------------
/utils/basexor.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/utils/basexor.py


--------------------------------------------------------------------------------
/utils/encode.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/utils/encode.py


--------------------------------------------------------------------------------
/utils/exports.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/utils/exports.py


--------------------------------------------------------------------------------
/utils/patch.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/marcusbotacin/Dropper/HEAD/utils/patch.py


--------------------------------------------------------------------------------