0
votes

Do not let the topic mix you up. My issue is a bit different from what is frequently asked. I have 6 command line tools and I want to pack them as 1 exe (or whatever) file.

The different part is, this is not malware meant to hide something behind something else. They shouldn't run at the same time. And I also need to pass them command line parameters.

What I can already do is pack (archive) them and extract them to the "filesystem" as needed. But this is also not what I am looking for. I am trying to find something like unpacking directly to RAM, etc., or the same logic as UPX-like tools. And not to forget: those exes are not .NET stuff. I already found people asking about that but no also.

I think my demand is a painful one, but I hope to find someone experienced out here.

1
Instead of listing what you don't want to do, how about telling us what you do want to do? So you don't want to extract files to the file system and then run them. Well, what do you want to do instead? Beyond that, you might not regard this as malware but rest assured that anti-malware tools, whether you agree with them or not, are liable to take a different stance. You can argue all you like, until you are blue in the face, but the anti-malware tools, and not you, get to determine whether or not your program is malware. – David Heffernan
I edited the question to be more clear and to exclude confusing samples. Thanks for pointing that out. And when it comes to anti-malware tools, since this exe will be just a container for many, and all software used in it is already safe, I don't think that they will cause a headache. More technically, in a signature check there is nothing malicious. And in a sandbox+heuristic check, it will just stay still without taking any action (sandboxes do not make a brute-force try on all possible parameters; they just execute as usual and observe). – inovasyon
I think that as soon as you start attempting to execute a process from memory rather than from disk, something that is explicitly not supported in Windows FWIW, some anti-malware tools will object. – David Heffernan
Packers like UPX etc. do it without extracting to the file system. But I don't think that there is a solution as powerful as them for this purpose. And some lazy-coding AV vendors (score kings of false positive tests, I don't want to mention brands) tag all packers as malware. Like "a knife is for killing a man; don't use it, use something else even for preparing salad." Those programs are not my worry. Nothing to do about them. – inovasyon

1 Answer

0
votes

You could unpack them into the TEMP directory and remove them when everything is finished. Very often this is a suitable approach.

Another way is to use commercial solutions like BoxedApp.

Anyway, Windows itself doesn't have a way to launch an exe (I suppose that the mentioned command line tools are executable files, not batch files) from memory. It is always a "hack" to emulate running a process from memory.
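
The TEMP-directory approach from the answer above, as an added example (not code from the original post): a launcher that extracts only the requested tool into a private temporary directory, checks its SHA-256, forwards the command-line parameters and deletes the directory afterwards. The in-memory zip bundle, the manifest, the function names and the `prefix` parameter are assumptions; `prefix` exists only so the constructed sample scripts can run through the Python interpreter, and a real .exe needs none.

```python
import hashlib, io, os, shutil, subprocess, sys, tempfile, zipfile

def build_bundle(tools):
    """Constructed sample bundle: zip bytes plus a SHA-256 manifest."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in tools.items():
            zf.writestr(name, data)
    manifest = {n: hashlib.sha256(d).hexdigest() for n, d in tools.items()}
    return buf.getvalue(), manifest

def run_tool(bundle, manifest, name, args, prefix=()):
    """Extract one tool to a private temp dir, run it, always clean up."""
    if name not in manifest:  # accept only known tool names, never a caller-supplied path
        raise KeyError(f"unknown tool: {name}")
    with zipfile.ZipFile(io.BytesIO(bundle)) as zf:
        data = zf.read(name)
    if hashlib.sha256(data).hexdigest() != manifest[name]:
        raise ValueError(f"hash mismatch for {name}")
    workdir = tempfile.mkdtemp(prefix="bundle_")  # fresh directory, mode 0700 on POSIX
    try:
        path = os.path.join(workdir, os.path.basename(name))
        with open(path, "xb") as fh:  # "x": refuse to overwrite an existing file
            fh.write(data)
        os.chmod(path, 0o700)
        # Argument list with no shell, so parameters reach the tool unmodified.
        proc = subprocess.run([*prefix, path, *args], capture_output=True, text=True)
        return proc.returncode, proc.stdout, workdir
    finally:
        shutil.rmtree(workdir, ignore_errors=True)  # runs even if the tool fails

if __name__ == "__main__":
    # Constructed sample tools (tiny scripts standing in for the real executables).
    tools = {"echo_args.py": b"import sys\nprint(' '.join(sys.argv[1:]))\n",
             "fail.py": b"import sys\nsys.exit(3)\n"}
    bundle, manifest = build_bundle(tools)
    print(run_tool(bundle, manifest, "echo_args.py", ["-n", "a b"], prefix=[sys.executable]))
```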