Snippet List

Technique Language Author OS Creation Date
Indirect Memory Writing Delphi DarkCoderSc Windows 6 months
System Binary Proxy Execution: Rundll32 Delphi DarkCoderSc Windows 1 year, 2 months
Reflective DLL injection Delphi DarkCoderSc Windows 2 years, 4 months
SMB / Named Pipes Delphi DarkCoderSc Windows 2 years, 7 months
C2 via FTP(S) Delphi DarkCoderSc Windows 2 years, 9 months
APC injection Delphi DarkCoderSc Windows 3 years, 6 months
APC injection Delphi DarkCoderSc Windows 3 years, 6 months
Process Hollowing, RunPE Delphi DarkCoderSc Windows 3 years, 9 months
ProcEnvInjection - Remote code injection by abusing process environment strings Delphi DarkCoderSc Windows 3 years, 9 months
DLL Injection via CreateRemoteThread and LoadLibrary Delphi DarkCoderSc Windows 3 years, 9 months
Checking Mouse Activity Delphi DarkCoderSc Windows 3 years, 9 months
NtQueryInformationProcess Delphi DarkCoderSc Windows 3 years, 9 months
File Melt Delphi DarkCoderSc Windows 5 years, 1 month
Detecting Active Services Delphi DarkCoderSc Windows 5 years, 1 month
NTFS Files Attributes Delphi DarkCoderSc Windows 5 years, 4 months
NtQueryObject Delphi DarkCoderSc Windows 5 years, 5 months
NtSetInformationThread Delphi DarkCoderSc Windows 5 years, 6 months
IsDebuggerPresent Delphi DarkCoderSc Windows 5 years, 6 months
NtSetDebugFilterState Delphi DarkCoderSc Windows 5 years, 6 months
OutputDebugString Delphi DarkCoderSc Windows 5 years, 6 months
SuspendThread Delphi DarkCoderSc Windows 5 years, 6 months
Detecting Window with FindWindow API Delphi DarkCoderSc Windows 5 years, 6 months
IsDebugged Flag Delphi DarkCoderSc Windows 5 years, 7 months
Filter
Clear