Gemini’s current release
This is the first release of Gemini’s changes. Since this is the first set of release notes, the initial set-up will be explained and the latest tweaks will be described.
Gemini is built in a modular way. Each module can be used to generate code in another language. Currently, the only implemented module exports C code for the Windows platform. Since Windows is the most used platform, this is the first focus.
In the project, there are two packages: gemini and moduleC.
The gemini package contains Gemini.java, which holds the main function that launches the program and detects which package should be called.
Utilities.java contains functions and fields that can be used by any module. Writing a file to a directory is an example of this.
The moduleC package contains multiple files and can be seen as a project on its own, as can every module. The ModuleC.java file is called first; it displays the general information to the user and executes basic sanity checks based on the user input.
After this, the Generator.java file is called, which generates the code. To keep the code organised, the functions to evade anti-virus suites are placed in Anti-Virus.java, those for sandbox evasion in Sandbox.java, and those for virtualisation evasion in Virtualisation.java.
The *Techniques.java files are enums and are created to improve the communication between the classes.
The layout of this module will be the general layout for every future module, assuming that all three evasion vectors are utilised in the module.