Skrull - A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR And Signature Scanning From Kernel

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.

It’s a proof-of-concept of the talk of ROOTCON & HITCON 2021, check out Skrull Like A King: From File Unlink to Persistence and Skrull Like A King：從重兵看守的天眼防線殺出重圍 🙂

note that currently support only x64 PE now, due to the ghosting technique.

Video Demo

Download Skrull

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Original Source

Tags: hacking, OSINT, Security, threatintel, tools

Skrull – A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR And Signature Scanning From Kernel

Video Demo

Original Source

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Joint Guidance on Deploying AI Systems Securely

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

Video Demo

Original Source

You may have missed

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Joint Guidance on Deploying AI Systems Securely

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400