Unprotect-Project/Understanding-Malware-Patching-Part-II-Bonus


Understanding Malware Patching Part II Bonus

Stub Execution

This repository comes with the second article in the Medium series named "Understanding Malware Configuration Patching." It illustrates how Windows application resources can be used to hide malware inside a legitimate bitmap image through a simple yet effective steganography technique. This technique involves encoding shellcode within the red value of bitmap pixels. The shellcode is then decoded at runtime and executed within the host application.

No binaries are distributed with the source code. To compile your own version, you can download the free version of Delphi (Delphi Community Edition). For testing, ensure you use a stub compiled in release mode.
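For analysts triaging bitmap resources extracted from a suspicious executable, the sketch below is an added example (not code from this repository) that flags an uncompressed 24-bit BMP whose red channel is far noisier than its green and blue channels, which is the statistical footprint of the red-value encoding described above. The function names, the `ratio` threshold and the sample images are assumptions made for illustration, and the check is a heuristic rather than proof of an embedded payload.

```python
import random
import struct

def read_bmp_channels(data):
    """Return (blue, green, red) value lists from an uncompressed 24-bit BMP."""
    if len(data) < 54 or data[:2] != b"BM":
        raise ValueError("not a BMP file")
    pixel_offset = struct.unpack_from("<I", data, 10)[0]
    width, height = struct.unpack_from("<ii", data, 18)
    bpp, compression = struct.unpack_from("<HI", data, 28)
    if bpp != 24 or compression != 0 or width <= 0:
        raise ValueError("only uncompressed 24-bit BMPs are handled")
    stride = (width * 3 + 3) & ~3  # each pixel row is padded to 4 bytes
    if pixel_offset + stride * abs(height) > len(data):
        raise ValueError("truncated pixel data")
    blue, green, red = [], [], []
    for row in range(abs(height)):
        start = pixel_offset + row * stride
        line = data[start:start + width * 3]  # pixels are stored as B, G, R
        blue.extend(line[0::3])
        green.extend(line[1::3])
        red.extend(line[2::3])
    return blue, green, red

def roughness(values):
    """Mean absolute difference between consecutive channel values."""
    return sum(abs(a - b) for a, b in zip(values, values[1:])) / max(len(values) - 1, 1)

def red_channel_suspicious(data, ratio=4.0):
    """Heuristic (assumed threshold): red is much noisier than green and blue."""
    blue, green, red = read_bmp_channels(data)
    baseline = max(roughness(green), roughness(blue), 1.0)
    return roughness(red) / baseline >= ratio

def build_sample_bmp(noisy_red, width=32, height=32):
    """Constructed test image: grey gradient, optionally with random red bytes."""
    rng = random.Random(0)  # fixed seed so the sample is reproducible
    rows = bytearray()
    for y in range(height):
        for x in range(width):
            shade = (x + y) * 2
            red = rng.randrange(256) if noisy_red else shade
            rows += bytes((shade, shade, red))
        rows += b"\x00" * (-(width * 3) % 4)
    header = struct.pack("<2sIHHI", b"BM", 54 + len(rows), 0, 0, 54)
    info = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0, len(rows), 2835, 2835, 0, 0)
    return bytes(header + info + rows)
```

Natural images with a genuinely noisy red channel can trip this check, so treat a hit as a reason to inspect the resource and the code that reads it, not as a verdict.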
