Skrull : A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.

Video Demo

R K

Next RiotPot : Resilient IoT And Operational Technology Honeypot »

Previous « PMAT-labs : Labs For Practical Malware Analysis And Triage

Leave a Comment

Share

Published by

R K

Tags: AV/EDRMalware DRMSkrull

3 years ago

Recent Posts

Vulnerability Analysis

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

10 hours ago

Hacking Tools

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

10 hours ago

Pentesting Tools

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

10 hours ago

Exploitation Tools

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

10 hours ago

Exploitation Tools

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

10 hours ago

Cyber security

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

13 hours ago

L