ioc[.]one - OSINT Cyber Threat Intelligence Database

In-Memory shellcode decoding to evade AVs/EDRs - Shells.Systems

Tags

cmtmf-attack-pattern:	Process Injection
attack-pattern:	Data Process Injection - T1631 Python - T1059.006 Process Injection - T1055

Show in Graph

Common Information

Type	Value
UUID	93792f2d-ade6-4227-9f03-93d95ace47f0
Fingerprint	2e790d3328b64465
Analysis status	DONE
Considered CTI value	0
Text language
Published	July 26, 2020, 3:12 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	In-Memory shellcode decoding to evade AVs/EDRs
Title	In-Memory shellcode decoding to evade AVs/EDRs - Shells.Systems
Detected Hints/Tags/Attributes	23/2/3

Source URLs

	Redirection	Url
Details	Source	https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/

URL Provider

Details	Provider	Source level domain
Details	shells.systems	shells.systems

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	3		shells.systems
Details	File	3		shells.sys
Details	File	1260		explorer.exe