the trojan created in the above example would run fine on windows xp and 7 if there are no uptodate antivirus on them. If there are any antivirus on the system they would detect the payload signature and warn the user. Windows 8 on the other hand comes with inbuilt anti malware protection (Windows defender) which would detect the trojan right away and would not allow the user to run the program.
So we need a way around this to make the trojan undetectable. A utility called PEScrambler can be used to encode the executable file such that antivirus/anti malware cannot detect it. Check it out at
The download contains a single executable file and the usage is straightforward
C:\>PEScrambler.exe -i trojan.exe -o encoded.exe
Now the encoded.exe file is different from trojan.exe and is encoded such that antivirus may not be able to detect it.
At this point of time, most antivirus and antimalwares have become fully aware of the above techniques and it would be very difficult for the trojan to go undetected. Windows 8 inbuilt antimalware detects all such types of payloads generated from msfpayload and encoded with msfencode to whatever iteration level.