LightsOut - Generate An Obfuscated DLL That Will Disable AMSI And ETW - RedPacket Security
Common Information
Type Value
UUID f5cba015-b830-4403-8d5b-4d8e8e2c18cd
Fingerprint e4ad031a186fefa0
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 19, 2023, 10:02 p.m.
Added to db Nov. 20, 2023, 1:29 a.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline LightsOut – Generate An Obfuscated DLL That Will Disable AMSI And ETW
Title LightsOut - Generate An Obfuscated DLL That Will Disable AMSI And ETW - RedPacket Security
Detected Hints/Tags/Attributes 15/1/9
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 lightsout.py
Details Domain 3 rastamouse.me
Details Domain 2 ethicalchaos.dev
Details Domain 4128 github.com
Details File 1 lightsout.py
Details Github username 2 rad9800
Details Url 2 https://rastamouse.me/memory-patching-amsi-bypass
Details Url 1 https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass
Details Url 1 https://github.com/rad9800/misc/tree/main/hooks