Skip to content

RATandC2/MaldevAcademyLdr.1

 
 

Repository files navigation

MaldevAcademyLdr.1

Quick Links

EXE Loader

Maldev Academy's October update saw several interesting modules being released to our users. One of them was our DLL loader that was successfully tested against several EDRs including MDE and Crowdstrike.

We promised to release an EXE version of the loader on GitHub.

tweet
https://twitter.com/MalDevAcademy/status/1701981413938012462

Features

  • Indirect-Syscalls using an improved HellsHall implementation.

  • Dll Unhooking via the \KnownDlls\ directory

  • Payload injection by chunking

  • Using custom AES encryption library.

  • Executing payload via Thread Pool APIs.

  • Obfuscating IAT using API hashing and API camouflage.

  • CRT library independent.

Demo

Demo

Releases

No releases published

Packages

No packages published

Languages

  • C 99.0%
  • Assembly 1.0%