OP 23 February, 2024 - 06:03 PM
I've been trying to create a decent cryptor and seem to have everything down but process injection, I'm working with c++
Seems like process hollowing and anything that uses sus windows API calls gets flagged just by having those API calls.
I'm not too sure how scantime would be catching my PEs any other way.
Pool party seems to be the next place I will be looking if no one here has any good ideas
Seems like process hollowing and anything that uses sus windows API calls gets flagged just by having those API calls.
I'm not too sure how scantime would be catching my PEs any other way.
Pool party seems to be the next place I will be looking if no one here has any good ideas