Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
44 item(s) found so far for this keyword.
Virtualization/Sandbox Evasion: User Activity Based Checks Defense Evasion [Mitre]
Adversaries may employ various user activity checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core …
PureCrypter Packers
PureCrypter, a multi-functional crypter/loader developed in C#, was first introduced in hacking forums on March 17, 2021. This tool is compatible with both 32-bit and 64-bit native as well as .NET payloads. It features multiple injection modes, including reflection, RunPE, and shellcode. PureCrypter can deliver payloads either via a URL or offline. It has been noted for its use in …
LimeCrypter Packers
Limecrypter is a sophisticated obfuscation tool designed for both native and .NET files. It employs a unique approach to secure payloads by encrypting them within a .NET-based stub. This stub acts as a container for the encrypted payload, ensuring its contents remain concealed until execution.
Cronos-Crypter Packers
Cronos-Crypter is an open-source crypter publicly available on GitHub. The crypter applies AES encryption or XOR obfuscation to a selected payload before storing it as a .NET resource of a final generated .NET executable payload. Cronos-Crypter contains multiple capabilties for persistence and defense evasion. An operator may select persistence via a Windows Registry autorun key or a Scheduled Task. An …