Malware developement

[Auriga]

привет, what method would you consider better to achieve malware persistence and avoid antivirus detection?

 

[DrClinker]

injecting obfuscated shellcode in PE file

 

[Auriga]

doesn't this invalidate files signatures?

injecting obfuscated shellcode in PE file

 

[marauda18]

There a lot of ways. DLL search order hijacking for example.

 

[Auriga]

There a lot of ways. DLL search order hijacking for example.

I've tried it. Is there any info on how well detected it is or some vulnerable programs list?

 

[marauda18]

I've tried it. Is there any info on how well detected it is or some vulnerable programs list?

GitHub - Cybereason/siofra

Contribute to Cybereason/siofra development by creating an account on GitHub.

github.com