{"id":20380414,"url":"https://github.com/gagniuc/binary-metamorphosis","last_synced_at":"2026-03-10T04:02:42.941Z","repository":{"id":151549548,"uuid":"469095779","full_name":"Gagniuc/Binary-metamorphosis","owner":"Gagniuc","description":"The VB6 applications shown here use the hexadecimal system to encode the binary content of an executable file. The point here is that one may compile an executable file that contains another executable file inside. Once the new executable file is executed, it is able to write the embedded executable file on disk as an independent executable file. ","archived":false,"fork":false,"pushed_at":"2022-11-20T08:09:02.000Z","size":2709,"stargazers_count":7,"open_issues_count":0,"forks_count":6,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-04T22:25:30.156Z","etag":null,"topics":["application","bin","binary","convert","converter","digits","encode","exe","files","hex","hexadecimal","vb6"],"latest_commit_sha":null,"homepage":"","language":"Visual Basic 6.0","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Gagniuc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"Gagniuc"}},"created_at":"2022-03-12T13:49:56.000Z","updated_at":"2024-04-28T04:05:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"773489d8-601d-4156-a306-8415a1a0f451","html_url":"https://github.com/Gagniuc/Binary-metamorphosis","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/Gagniuc/Binary-metamorphosis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gagniuc%2FBinary-metamorphosis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gagniuc%2FBinary-metamorphosis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gagniuc%2FBinary-metamorphosis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gagniuc%2FBinary-metamorphosis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Gagniuc","download_url":"https://codeload.github.com/Gagniuc/Binary-metamorphosis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Gagniuc%2FBinary-metamorphosis/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30324185,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T01:36:58.598Z","status":"online","status_checked_at":"2026-03-10T02:00:06.579Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["application","bin","binary","convert","converter","digits","encode","exe","files","hex","hexadecimal","vb6"],"created_at":"2024-11-15T02:07:13.969Z","updated_at":"2026-03-10T04:02:42.907Z","avatar_url":"https://github.com/Gagniuc.png","language":"Visual Basic 6.0","funding_links":["https://github.com/sponsors/Gagniuc"],"categories":[],"sub_categories":[],"readme":"# Binary metamorphosis\n\nConsider a situation in which you don't have te source code of your own application; but the compiled version is usable as a component part in a more complex software system. The VB6 applications shown here are able to convert any executable file (ie. \u003ckbd\u003e.exe\u003c/kbd\u003e or any type of file in fact) to VB6 source code which can be included back into a VB6 application. Once inserted into a new VB6 application, the source code can be used to completely restore the original executable file to disk in the same directory as the application that incorporates the code. The point here is that one may compile an executable file that contains another executable file inside. Once the new executable file is executed, it is able to write the embedded executable file on disk as an independent executable file. Note that there are three separate versions of this application in the repository, but the difference between them is very small and it is more related to the user interface than the source code. Unless a specific executable file is chosen by the user for conversion, by default, these applications will convert a \u003ckbd\u003etini.exe\u003c/kbd\u003e file to hexadecimal in order to demonstrate the method.\n\n\u003cimg src=\"https://github.com/Gagniuc/Binary-metamorphosis/blob/main/img/1.png?raw=true\" alt=\"Binary metamorphosis\"\u003e\n\n\u003cb\u003eNote\u003c/b\u003e: The \u003ci\u003eBinary metamorphosis\u003c/i\u003e application is appropriate for embedding files with sizes under 1Mb, such as small binaries, small images, .dll files, .ocx files, small sound files, .ico files, .docx files, excel files, powerpoint files and so on.\n\n# Regarding tini.exe or tini.executable\n\nSome antivirus engines that lack sophistication or professionalism may popup up false detections in connection to \u003ckbd\u003etini.exe\u003c/kbd\u003e. It is true that the method shown here has been used in the malware world countless times to hide executable files. However, this method proves to be extremely useful for virtuous purposes, such as software automation or for removing dependencies by incorporating certain resources into the compiled file. Thus, coding methods should not be used as signatures for detection by antivirus engines. Otherwise, this would be similar to: \"\u003ci\u003ewe no longer use uranium in nuclear power plants because atomic bombs can be made with it\u003c/i\u003e\". Nonetheless, the VB6 source code of \u003ckbd\u003etine.exe\u003c/kbd\u003e is available in the \u003ckbd\u003etini\u003c/kbd\u003e folder and it can be compiled at will. An MD5 comparison of the newly compiled file and the old file uploaded here verifies that \u003ckbd\u003etini.exe\u003c/kbd\u003e is NOT malware. As one can see in the source code of \u003ckbd\u003etini.exe\u003c/kbd\u003e, the application is completely empty and contains a simple window with the message:\n\n\u003cimg src=\"https://github.com/Gagniuc/Binary-metamorphosis/blob/main/img/tini.png\" alt=\"tini.exe\"\u003e\n\nThe following signatures are expected from the file you are compiling or from the \u003ckbd\u003etini.exe\u003c/kbd\u003e files (aka \u003ckbd\u003etini.executable\u003c/kbd\u003e) already compiled and uploaded here:\n\n```\nMD5 File Checksum: 7c0ec696bf28f7c72e200a52f5c80d85\nSHA512 File Hash:  cefa3d2bfe1b8f19bd0e23d5e5ccc3bbda0c44936a4c7f2f1ae3d9b7d1c8c04a0b5139dbf7f65c664f1b7aed86c7bbe6f9ff18cf22ba1cbcc5e491d9fd03debc\n```\n\nNote that tini.exe is a small file (16Kb) and it is used here for providing an exemplification by using smaller VB6 source code. However, one may use any executable file. Moreover, this method can embed any type of file, not only executables.\n\n# Hexadecimal (or hex)\n\nThe VB6 application shown here uses the hexadecimal system to encode the binary content of an executable file. But hat is hexadecimal? Hexadecimal is a base 16 system that is used for binary representation. A hex digit can be any of the following 16 digits: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F, were each hex digit represents a 4-bit binary sequence. The table below shows the association of each hex digit with the equivalent values in binary and denary:\n\n| Denary | Binary | Hexadecimal |\n| :---   |  :---: |     ---:    |\n| 0      | 0000   | 0           |\n| 1      | 0001   | 1           |\n| 2      | 0010   | 2           |\n| 3      | 0011   | 3           |\n| 4      | 0100   | 4           |\n| 5      | 0101   | 5           |\n| 6      | 0110   | 6           |\n| 7      | 0111   | 7           |\n| 8      | 1000   | 8           |\n| 9      | 1001   | 9           |\n| 10     | 1010   | A           |\n| 11     | 1011   | B           |\n| 12     | 1100   | C           |\n| 13     | 1101   | D           |\n| 14     | 1110   | E           |\n| 15     | 1111   | F           |\n\nIt is much less time consuming to write numbers as hex than to write them as binary numbers. An 8-bit binary number can be written using only two different hex digits, one hex digit for each group of 4-bits. An 16-bit binary number can be written using only four different hex digits, and so on. For example, an 8-bit binary number like \u003ckbd\u003e10100101\u003c/kbd\u003e would be \u003ckbd\u003eA5\u003c/kbd\u003e in hex. An 16-bit binary number like \u003ckbd\u003e1011110001101110\u003c/kbd\u003e would be \u003ckbd\u003eBC6E\u003c/kbd\u003e in hex. To continue with the exemplification, a hex representation like \u003ckbd\u003eCCCCC7\u003c/kbd\u003e would be \u003ckbd\u003e110011001100110011000111\u003c/kbd\u003e in binary.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgagniuc%2Fbinary-metamorphosis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgagniuc%2Fbinary-metamorphosis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgagniuc%2Fbinary-metamorphosis/lists"}