fix(builder): improve artifact packaging with optional helper support

Update move_first_existing function to handle optional artifacts gracefully instead of raising FileNotFoundError. When optional artifacts are missing, append informative messages to stdout_err instead of failing the build. Also update agent icons to reference external PNG files instead of embedded base64 data for better maintainability.
fix(builder): handle multiple possible artifact paths during build
2026-06-24 09:54:13 +00:00 · 2026-04-15 05:54:00 +07:00 · 2026-04-15 05:43:30 +07:00 · 2026-04-15 05:29:37 +07:00 · 2026-04-15 04:56:54 +07:00 · 2026-04-15 03:20:05 +07:00
40 changed files with 182 additions and 124 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,7 @@ __pycache__/
 **/*.dll
 # Sphinx documentation
 docs/_build/
 debug_vps/
 # Environments
 #.env
 .venv
--- a/Payload_Type/ares/Dockerfile
+++ b/Payload_Type/ares/Dockerfile
@@ -17,7 +17,11 @@ RUN /venv/bin/python -m pip install git+https://github.com/MEhrn00/donut.git@v2.
 COPY [".", "."]
 # fetch all dependencies
-RUN cd ares/agent_code && dotnet restore --verbosity quiet && rm donut ; cp /donut donut
+RUN chmod -R u+w /Mythic/ares/agent_code && \
    cd ares/agent_code && \
    dotnet restore Ares/Ares.csproj --verbosity quiet && \
    rm -f donut && \
    cp /donut donut
 RUN cd ares/agent_code && cp COFFLoader.dll /COFFLoader.dll
 CMD ["bash", "-c", "cp /donut /Mythic/ares/agent_code/donut && /venv/bin/python main.py"]
--- a/Payload_Type/ares/ares/agent_code/Ares/Ares.csproj
+++ b/Payload_Type/ares/ares/agent_code/Ares/Ares.csproj
@@ -15,7 +15,7 @@
    <Reference Include="System.Security" />
  </ItemGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
    <ProjectReference Include="..\DInvokeResolver\DInvokeResolver.csproj" />
    <ProjectReference Include="..\EncryptedFileStore\EncryptedFileStore.csproj" />
    <ProjectReference Include="..\HttpProfile\HttpProfile.csproj" />
--- a/Payload_Type/ares/ares/agent_code/Ares/Config.cs
+++ b/Payload_Type/ares/ares/agent_code/Ares/Config.cs
@@ -1,4 +1,4 @@
-#define C2PROFILE_NAME_UPPER
+#define C2PROFILE_NAME_UPPER
 //#define LOCAL_BUILD
@@ -280,14 +280,14 @@ namespace Apollo
        public static int RegistryComparison = 1; // 1=Matches, 2=Contains
 #else
        // Environmental Keying Configuration
-        public static bool KeyingEnabled = keying_enabled_here;
+        public static bool KeyingEnabled = "keying_enabled_here" == "true";
-        public static int KeyingMethod = keying_method_here; // 1=Hostname, 2=Domain, 3=Registry
+        public static int KeyingMethod = int.Parse("keying_method_here"); // 1=Hostname, 2=Domain, 3=Registry
        public static string KeyingValueHash = "keying_value_hash_here";
        // Registry Keying Configuration
        public static string RegistryPath = "registry_path_here";
        public static string RegistryValue = "registry_value_here";
-        public static int RegistryComparison = registry_comparison_here; // 1=Matches, 2=Contains
+        public static int RegistryComparison = int.Parse("registry_comparison_here"); // 1=Matches, 2=Contains
 #endif
    }
--- a/Payload_Type/ares/ares/agent_code/Ares/Peers/Webshell/WebshellPeer.cs
+++ b/Payload_Type/ares/ares/agent_code/Ares/Peers/Webshell/WebshellPeer.cs
@@ -10,7 +10,6 @@ using AS = ApolloInterop.Structs.ApolloStructs;
 using TTasks = System.Threading.Tasks;
 using ApolloInterop.Classes.Core;
 using ApolloInterop.Structs.ApolloStructs;
 using Tasks;
 using ApolloInterop.Utils;
 using System.Net;
 using System.IO;
--- a/Payload_Type/ares/ares/agent_code/Ares/Program.cs
+++ b/Payload_Type/ares/ares/agent_code/Ares/Program.cs
@@ -12,6 +12,7 @@ using System.Collections.Concurrent;
 using ApolloInterop.Classes.Core;
 using ApolloInterop.Classes.Events;
 using ApolloInterop.Enums.ApolloEnums;
 using System.IO;
 using System.Runtime.InteropServices;
 using ApolloInterop.Utils;
 using System.Security.Cryptography;
--- a/Payload_Type/ares/ares/agent_code/AresInterop/AresInterop.csproj
+++ b/Payload_Type/ares/ares/agent_code/AresInterop/AresInterop.csproj
@@ -3,9 +3,10 @@
    <TargetFramework>net451</TargetFramework>
    <OutputType>Library</OutputType>
    <LangVersion>12</LangVersion>
-    <Nullable>enable</Nullable>
+    <Nullable>disable</Nullable>
    <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
    <Platforms>AnyCPU;x64;x86</Platforms>
    <NoWarn>$(NoWarn);0168;0169;0659;0660;0661;8632</NoWarn>
  </PropertyGroup>
  <ItemGroup>
    <Reference Include="System.Security" />
--- a/Payload_Type/ares/ares/agent_code/AzureBlobProfile/AzureBlobProfile.csproj
+++ b/Payload_Type/ares/ares/agent_code/AzureBlobProfile/AzureBlobProfile.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/DInvokeResolver/DInvokeResolver.csproj
+++ b/Payload_Type/ares/ares/agent_code/DInvokeResolver/DInvokeResolver.csproj
@@ -7,7 +7,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="PolySharp" Version="1.14.1" />
--- a/Payload_Type/ares/ares/agent_code/EKECryptography/EKECryptography.csproj
+++ b/Payload_Type/ares/ares/agent_code/EKECryptography/EKECryptography.csproj
@@ -44,9 +44,9 @@
    <Compile Include="Properties\AssemblyInfo.cs" />
  </ItemGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj">
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj">
      <Project>{5b5bd587-7dca-4306-b1c3-83a70d755f37}</Project>
-      <Name>ApolloInterop</Name>
+      <Name>AresInterop</Name>
    </ProjectReference>
    <ProjectReference Include="..\PSKCrypto\PSKCryptography.csproj">
      <Project>{c8fc8d87-30db-4fc5-880a-9cd7d156127a}</Project>
--- a/Payload_Type/ares/ares/agent_code/EncryptedFileStore/EncryptedFileStore.csproj
+++ b/Payload_Type/ares/ares/agent_code/EncryptedFileStore/EncryptedFileStore.csproj
@@ -11,7 +11,7 @@
    <Reference Include="System.Security" />
  </ItemGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/ExecuteAssembly/ExecuteAssembly.csproj
+++ b/Payload_Type/ares/ares/agent_code/ExecuteAssembly/ExecuteAssembly.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Costura.Fody" Version="5.7.0" PrivateAssets="All" />
--- a/Payload_Type/ares/ares/agent_code/ExecutePE.Standalone/ExecutePE.Standalone.csproj
+++ b/Payload_Type/ares/ares/agent_code/ExecutePE.Standalone/ExecutePE.Standalone.csproj
@@ -10,7 +10,7 @@
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
    <ProjectReference Include="..\ExecutePE\ExecutePE.csproj" />
  </ItemGroup>
 </Project>
--- a/Payload_Type/ares/ares/agent_code/ExecutePE/ExecutePE.csproj
+++ b/Payload_Type/ares/ares/agent_code/ExecutePE/ExecutePE.csproj
@@ -9,7 +9,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <Content Include="FodyWeavers.xml" />
--- a/Payload_Type/ares/ares/agent_code/HttpProfile/HttpProfile.csproj
+++ b/Payload_Type/ares/ares/agent_code/HttpProfile/HttpProfile.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/HttpxProfile/HttpxProfile.csproj
+++ b/Payload_Type/ares/ares/agent_code/HttpxProfile/HttpxProfile.csproj
@@ -9,7 +9,7 @@
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
    <ProjectReference Include="..\HttpxTransform\HttpxTransform.csproj" />
    <ProjectReference Include="..\PSKCrypto\PSKCryptography.csproj" />
  </ItemGroup>
--- a/Payload_Type/ares/ares/agent_code/Injection/Injection.csproj
+++ b/Payload_Type/ares/ares/agent_code/Injection/Injection.csproj
@@ -9,7 +9,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/KerberosTickets/KerberosTickets.csproj
+++ b/Payload_Type/ares/ares/agent_code/KerberosTickets/KerberosTickets.csproj
@@ -8,6 +8,6 @@
    <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
 </Project>
--- a/Payload_Type/ares/ares/agent_code/KeylogInject/KeylogInject.csproj
+++ b/Payload_Type/ares/ares/agent_code/KeylogInject/KeylogInject.csproj
@@ -10,7 +10,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <Content Include="FodyWeavers.xml" />
--- a/Payload_Type/ares/ares/agent_code/NamedPipeProfile/NamedPipeProfile.csproj
+++ b/Payload_Type/ares/ares/agent_code/NamedPipeProfile/NamedPipeProfile.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/PSKCrypto/PSKCryptography.csproj
+++ b/Payload_Type/ares/ares/agent_code/PSKCrypto/PSKCryptography.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/PlaintextCrypto/PlaintextCryptography.csproj
+++ b/Payload_Type/ares/ares/agent_code/PlaintextCrypto/PlaintextCryptography.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/PowerShellHost/PowerShellHost.csproj
+++ b/Payload_Type/ares/ares/agent_code/PowerShellHost/PowerShellHost.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Costura.Fody" Version="5.7.0" PrivateAssets="All" />
--- a/Payload_Type/ares/ares/agent_code/Process/Process.csproj
+++ b/Payload_Type/ares/ares/agent_code/Process/Process.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/ScreenshotInject/ScreenshotInject.csproj
+++ b/Payload_Type/ares/ares/agent_code/ScreenshotInject/ScreenshotInject.csproj
@@ -10,7 +10,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <Content Include="FodyWeavers.xml" />
--- a/Payload_Type/ares/ares/agent_code/SimpleResolver/SimpleResolver.csproj
+++ b/Payload_Type/ares/ares/agent_code/SimpleResolver/SimpleResolver.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="PolySharp" Version="1.14.1" />
--- a/Payload_Type/ares/ares/agent_code/Tasks/Tasks.csproj
+++ b/Payload_Type/ares/ares/agent_code/Tasks/Tasks.csproj
@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
    <TargetFramework>net451</TargetFramework>
    <OutputType>Library</OutputType>
@@ -10,13 +10,13 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
    <Reference Include="System.Management.Automation">
      <HintPath>..\packages\System.Management.Automation6.1.7\System.Management.Automation.dll</HintPath>
    </Reference>
    <Reference Include="System.ServiceProcess" />
  </ItemGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <Compile Remove="powershell.cs" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Costura.Fody" Version="5.7.0" PrivateAssets="All" />
--- a/Payload_Type/ares/ares/agent_code/TcpProfile/TcpProfile.csproj
+++ b/Payload_Type/ares/ares/agent_code/TcpProfile/TcpProfile.csproj
@@ -8,7 +8,7 @@
    <Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/WebsocketProfile/WebsocketProfile.csproj
+++ b/Payload_Type/ares/ares/agent_code/WebsocketProfile/WebsocketProfile.csproj
@@ -10,7 +10,7 @@
    <AssemblyName>WebsocketProfile</AssemblyName>
  </PropertyGroup>
  <ItemGroup>
-    <ProjectReference Include="..\ApolloInterop\ApolloInterop.csproj" />
+    <ProjectReference Include="..\AresInterop\AresInterop.csproj" />
  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
--- a/Payload_Type/ares/ares/agent_code/directory.build.props
+++ b/Payload_Type/ares/ares/agent_code/directory.build.props
@@ -3,8 +3,10 @@
 	    <TargetFramework>net451</TargetFramework>
 		<LangVersion>12</LangVersion>
 		<Nullable>enable</Nullable>
 		<TreatWarningsAsErrors>false</TreatWarningsAsErrors>
 		<WarningsAsErrors></WarningsAsErrors>
 		<WarningsNotAsErrors>$(WarningsNotAsErrors);0108;0168;0169;0219;0649;8600;8602;8603;8618;8625;8629</WarningsNotAsErrors>
 		<GenerateAssemblyInfo>false</GenerateAssemblyInfo>
 		<Platforms>AnyCPU;x64;x86</Platforms>
  </PropertyGroup>
 </Project>
--- a/Payload_Type/ares/ares/mythic/agent_functions/builder.py
+++ b/Payload_Type/ares/ares/mythic/agent_functions/builder.py
@@ -135,19 +135,21 @@ def validate_httpx_config(config_data):
 class Ares(PayloadType):
    name = "ares"
    file_extension = "exe"
-    author = "@djhohnstein, @its_a_feature_"
+    author = "Aryma-f4"
    mythic_encrypts = True
    supported_os = [
        SupportedOS.Windows
    ]
-    semver = "2.4.12"
+    semver = "2.4.12-v5"
    description = "Ares Windows payload type for Mythic."
    wrapper = False
    wrapped_payloads = ["scarecrow_wrapper", "service_wrapper"]
    c2_profiles = ["http", "httpx", "smb", "tcp", "websocket", "azure_blob"]
    note = """
-A fully featured .NET 4.0 compatible training agent. Version: {}. 
+Ares Windows payload type for Mythic. Version: {}.
-NOTE: P2P Not compatible with v2.2 agents! 
+Supports WinExe, shellcode, source, and service builds.
-NOTE: v2.3.2+ has a different bof loader than 2.3.1 and are incompatible since their arguments are different
+NOTE: P2P is not compatible with v2.2 agents.
 NOTE: v2.3.2+ uses a different BOF loader than v2.3.1 and they are not compatible.
    """.format(semver)
    supports_dynamic_loading = True
    shellcode_format_options = ["Binary", "Base64", "C", "Ruby", "Python", "Powershell", "C#", "Hex"]
@@ -607,9 +609,9 @@ NOTE: v2.3.2+ has a different bof loader than 2.3.1 and are incompatible since t
            # Build command with conditional embedding
            if self.get_parameter('debug'):
-                command = f"dotnet build Ares.sln -c {compileType} -p:Platform=\"Any CPU\" -p:EmbedDefaultConfig={str(embed_default_config).lower()} -o {agent_build_path.name}/{buildPath}/ --verbosity quiet"
+                command = f"dotnet build Ares/Ares.csproj -c {compileType} -p:Platform=\"Any CPU\" -p:EmbedDefaultConfig={str(embed_default_config).lower()} -o {agent_build_path.name}/{buildPath}/ --verbosity quiet"
            else:
-                command = f"dotnet build Ares.sln -c {compileType} -p:DebugType=None -p:DebugSymbols=false -p:DefineConstants=\"\" -p:Platform=\"Any CPU\" -p:EmbedDefaultConfig={str(embed_default_config).lower()} -o {agent_build_path.name}/{buildPath}/ --verbosity quiet"
+                command = f"dotnet build Ares/Ares.csproj -c {compileType} -p:DebugType=None -p:DebugSymbols=false -p:DefineConstants=\"\" -p:Platform=\"Any CPU\" -p:EmbedDefaultConfig={str(embed_default_config).lower()} -o {agent_build_path.name}/{buildPath}/ --verbosity quiet"
            await SendMythicRPCPayloadUpdatebuildStep(MythicRPCPayloadUpdateBuildStepMessage(
                PayloadUUID=self.uuid,
                StepName="Gathering Files",
@@ -646,18 +648,52 @@ NOTE: v2.3.2+ has a different bof loader than 2.3.1 and are incompatible since t
                    StepSuccess=True
                ))
                resp.status = BuildStatus.Success
                missing_optional_artifacts = []
                def move_first_existing(candidates, target_path, required=False):
                    for candidate in candidates:
                        if os.path.exists(candidate):
                            shutil.move(candidate, target_path)
                            return True
                    if required:
                        raise FileNotFoundError(f"Unable to locate artifact for {target_path}: {candidates}")
                    missing_optional_artifacts.append((target_path, candidates))
                    return False
                targetExeAsmPath = "/srv/ExecuteAssembly.exe"
                targetPowerPickPath = "/srv/PowerShellHost.exe"
                targetScreenshotInjectPath = "/srv/ScreenshotInject.exe"
                targetKeylogInjectPath = "/srv/KeylogInject.exe"
                targetExecutePEPath = "/srv/ExecutePE.exe"
                targetInteropPath = "/srv/AresInterop.dll"
-                shutil.move(f"{agent_build_path.name}/{buildPath}/ExecuteAssembly.exe", targetExeAsmPath)
+                move_first_existing([
-                shutil.move(f"{agent_build_path.name}/{buildPath}/PowerShellHost.exe", targetPowerPickPath)
+                    f"{agent_build_path.name}/{buildPath}/ExecuteAssembly.exe",
-                shutil.move(f"{agent_build_path.name}/{buildPath}/ScreenshotInject.exe", targetScreenshotInjectPath)
+                    f"{agent_build_path.name}/ExecuteAssembly/bin/Release/net451/ExecuteAssembly.exe",
-                shutil.move(f"{agent_build_path.name}/{buildPath}/KeylogInject.exe", targetKeylogInjectPath)
+                ], targetExeAsmPath)
-                shutil.move(f"{agent_build_path.name}/{buildPath}/ExecutePE.exe", targetExecutePEPath)
+                move_first_existing([
-                shutil.move(f"{agent_build_path.name}/{buildPath}/AresInterop.dll", targetInteropPath)
+                    f"{agent_build_path.name}/{buildPath}/PowerShellHost.exe",
                    f"{agent_build_path.name}/PowerShellHost/bin/Release/net451/PowerShellHost.exe",
                ], targetPowerPickPath)
                move_first_existing([
                    f"{agent_build_path.name}/{buildPath}/ScreenshotInject.exe",
                    f"{agent_build_path.name}/ScreenshotInject/bin/Release/net451/ScreenshotInject.exe",
                ], targetScreenshotInjectPath)
                move_first_existing([
                    f"{agent_build_path.name}/{buildPath}/KeylogInject.exe",
                    f"{agent_build_path.name}/KeylogInject/bin/Release/net451/KeylogInject.exe",
                ], targetKeylogInjectPath)
                move_first_existing([
                    f"{agent_build_path.name}/{buildPath}/ExecutePE.exe",
                    f"{agent_build_path.name}/ExecutePE/bin/Release/net451/ExecutePE.exe",
                ], targetExecutePEPath)
                move_first_existing([
                    f"{agent_build_path.name}/{buildPath}/AresInterop.dll",
                    f"{agent_build_path.name}/AresInterop/bin/Release/net451/AresInterop.dll",
                ], targetInteropPath)
                if missing_optional_artifacts:
                    stdout_err += "\nOptional helper artifacts were not packaged:\n" + "\n".join(
                        f"{target}: {candidates}" for target, candidates in missing_optional_artifacts
                    )
                if self.get_parameter('output_type') == "Source":
                    shutil.make_archive(f"/tmp/{agent_build_path.name}/source", "zip", f"{agent_build_path.name}")
                    await SendMythicRPCPayloadUpdatebuildStep(MythicRPCPayloadUpdateBuildStepMessage(
@@ -763,9 +799,9 @@ NOTE: v2.3.2+ has a different bof loader than 2.3.1 and are incompatible since t
                            )
                            shutil.move(shellcode_path, working_path)
                            if self.get_parameter('debug'):
-                                command = f"dotnet build Ares.sln -c {compileType} -p:OutputType=WinExe -p:Platform=\"Any CPU\""
+                                command = f"dotnet build WindowsService1/WindowsService1.csproj -c {compileType} -p:OutputType=WinExe -p:Platform=\"Any CPU\""
                            else:
-                                command = f"dotnet build Ares.sln -c {compileType} -p:DebugType=None -p:DebugSymbols=false -p:DefineConstants=\"\" -p:OutputType=WinExe -p:Platform=\"Any CPU\""
+                                command = f"dotnet build WindowsService1/WindowsService1.csproj -c {compileType} -p:DebugType=None -p:DebugSymbols=false -p:DefineConstants=\"\" -p:OutputType=WinExe -p:Platform=\"Any CPU\""
                            proc = await asyncio.create_subprocess_shell(
                                command,
                                stdout=asyncio.subprocess.PIPE,
@@ -1011,4 +1047,3 @@ def adjust_file_name(filename, shellcode_format, output_type, adjust_filename):
        return original_filename + ".txt"
    else:
        return filename
--- a/agent_icons/XF-09_Ares.png
+++ b/agent_icons/XF-09_Ares.png
--- a/agent_icons/ares.svg
+++ b/agent_icons/ares.svg
@@ -0,0 +1,3 @@
 <svg xmlns="http://www.w3.org/2000/svg" width="218" height="250" viewBox="0 0 218 250">
  <image href="/static/XF-09_Ares.png" width="218" height="250" preserveAspectRatio="xMidYMid meet" />
 </svg>
--- a/agent_icons/ares_dark.svg
+++ b/agent_icons/ares_dark.svg
@@ -0,0 +1,3 @@
 <svg xmlns="http://www.w3.org/2000/svg" width="218" height="250" viewBox="0 0 218 250">
  <image href="/static/XF-09_Ares.png" width="218" height="250" preserveAspectRatio="xMidYMid meet" />
 </svg>
--- a/agent_icons/ares_light.svg
+++ b/agent_icons/ares_light.svg
@@ -0,0 +1,3 @@
 <svg xmlns="http://www.w3.org/2000/svg" width="218" height="250" viewBox="0 0 218 250">
  <image href="/static/XF-09_Ares.png" width="218" height="250" preserveAspectRatio="xMidYMid meet" />
 </svg>
--- a/config.json
+++ b/config.json
@@ -4,5 +4,5 @@
  "exclude_documentation_payload": false,
  "exclude_documentation_c2": false,
  "exclude_agent_icons": false,
-  "remote_images": {"ares" :"ghcr.io/aryma-f4/ares-mythic:multiarch-fixed-v2"}
+  "remote_images": {"ares" :"ghcr.io/aryma-f4/ares-mythic:amd64-fixed-v5"}
 }
--- a/documentation-payload/ares/_index.md
+++ b/documentation-payload/ares/_index.md
@@ -4,7 +4,7 @@ chapter = true
 weight = 100
 +++
-![logo](/agents/apollo/XF-09_Ares.png?width=600px)
+![logo](/agents/ares/XF-09_Ares.png?width=600px)
 ## Summary
--- a/documentation-payload/ares/ares_dark.svg
+++ b/documentation-payload/ares/ares_dark.svg
--- a/documentation-payload/ares/ares_light.svg
+++ b/documentation-payload/ares/ares_light.svg
--- a/documentation-payload/ares/commands/_index.md
+++ b/documentation-payload/ares/commands/_index.md
@@ -5,7 +5,7 @@ weight = 15
 pre = "<b>2. </b>"
 +++
-![logo](/agents/apollo/XF-09_Ares.png?width=600px)
+![logo](/agents/ares/XF-09_Ares.png?width=600px)
 ## Table of Contents
Author	SHA1	Message	Date
Aryma	dfb7ea177c	fix(builder): improve artifact packaging with optional helper support Update move_first_existing function to handle optional artifacts gracefully instead of raising FileNotFoundError. When optional artifacts are missing, append informative messages to stdout_err instead of failing the build. Also update agent icons to reference external PNG files instead of embedded base64 data for better maintainability.	2026-04-15 05:54:00 +07:00
Aryma	0c209d7201	fix(builder): handle multiple possible artifact paths during build The build process previously assumed artifacts were located in a single directory. However, due to project structure changes, artifacts may now be in different locations. This change adds a helper function to try multiple candidate paths for each artifact, moving the first existing file to the target location. This ensures compatibility across different build configurations.	2026-04-15 05:43:30 +07:00
Aryma	b88b3a2184	build(ares): update version, .gitignore, and project files - Bump semver to 2.4.12-v5 in builder.py - Add debug_vps/ to .gitignore - Remove BOM and unused PowerShell reference from Tasks.csproj - Add dark and light theme SVG icons for the agent	2026-04-15 05:29:37 +07:00
Aryma	6a3bf4ffbf	fix(ares): update logo paths and Docker image version Update logo references to correct directory and bump Docker image tag to v4. Fix permissions and improve build steps in Dockerfile. Adjust .NET build warnings configuration. Add light and dark mode SVG logos.	2026-04-15 04:56:54 +07:00
Aryma	286accf271	chore: update Ares container tag and adjust build commands Update the remote image tag for Ares from multiarch-fixed-v2 to multiarch-fixed-v3 in the global configuration. Additionally, modify the dotnet build commands in the builder to target the specific WindowsService1.csproj file instead of the broader Ares.sln solution file for more precise and efficient compilation.	2026-04-15 03:20:05 +07:00
Aryma	3ba28c3197	refactor: rename ApolloInterop to AresInterop and update build process Update project references across multiple agent modules to use AresInterop instead of ApolloInterop Add System.IO import in Program.cs and remove unused Tasks import in WebshellPeer Fix environmental keying configuration parsing in Config.cs to properly handle string values Simplify build command in builder.py to target Ares.csproj directly instead of Ares.sln Update nullable context and suppress warnings in AresInterop.csproj	2026-04-15 02:54:15 +07:00