mirror of https://github.com/vxunderground/MalwareSourceCode synced 2024-07-05 09:52:02 +00:00
vxug-MalwareSourceCode/Win32/Proof of Concepts/ExtraWindowInject
vxunderground 900263ea6f updates and moves
2022-04-11 20:00:13 -05:00
src updates and moves 2022-04-11 20:00:13 -05:00
README.md updates and moves 2022-04-11 20:00:13 -05:00

inject_shellcode

A small compendium of injection techniques commonly used in malware, demonstrated on Metasploit-generated shellcode.

Various objects of injection:

  • existing process (found by name)
  • newly created process

Demonstrated methods:

  • Running shellcode in a new thread
  • Adding shellcode into existing thread (using NtQueueApcThread)
  • Patching Entry Point of the process
  • Patching context of the process
  • Injecting into Tray Window (using SetWindowLong)