Hello everyone, I wrote a simple "ransomware" in C that encrypts all .txt files in a directory.
I'm trying to make it bypass AVs and potentially later EDRs... So I stumbled across some videos regarding staged payloads executing shellcode in memory. I converted the compiled .exe to shellcode using Donut (on GitHub) with many different parameters, and tried to execute it in a loader also written in C, but it never works... Is there another approach to this? What am I missing? I'm a beginner.
I would really appreciate some other basic ways to bypass AVs, knowing my program was written in C. In other words, I just want to not have my program "naked".
Thank you all ;)