Detected By AV (Kaspersky, Avira)

Question

Detected By AV (Kaspersky, Avira)

uxeer opened this issue 6 years ago · 8 comments

uxeer commented 6 years ago

Answer 1 · 2019-06-26T14:58:35.000Z

Static scan or during execution?
Can you please also provide some details about which technique you used

Answer 2 · 2019-06-26T16:16:12.000Z

Without scan or execution, i just copy payload.exe on target PC kaspersky detected it.

Answer 3 · 2019-06-26T16:54:08.000Z

What injection method did you use?

Answer 4 · 2019-06-26T17:35:39.000Z

Thread Hijacking (Shellcode Arch: x86, OS arch: x86)

Answer 5 · 2019-06-27T03:17:19.000Z

Thank you for your feedback I' ll check and get back to you

Answer 6 · 2019-06-30T10:18:18.000Z

checked your claim and it is true, I will issue a relative update to solve the issue.
Thanks again for the feedback

Answer 7 · 2019-06-30T21:29:00.000Z

Thank you 😀

Answer 8 · 2019-10-17T05:52:34.000Z

It has been reported that the produced backdoor is no more undetectable from the majority of the AV solutions, which is indeed true and which is something I expected by the time that the software is getting more and more 'popular'. As a temporary solution I advise you to use a C# obfuscator on the produced executable. In my case, I used babel for net (http://www.babelfor.net/) with a great success for the majority of AV’s (including Kaspersky, Avast etc.).