This repo contains the PoC of the MSI payload used in the blog post. The payload is based on the Gwisin ransomware's MSI payload analysis of the AhnLab ASEC team's blog post.
- Project > Project properties > c/c++ > preprocessor > processor definition -
_CRT_SECURE_NO_WARNINGS
- Project > Project properties > Charset > Multi-byte
- HuskyHacks - MSI Payload Blog Post
- ASEC AhnLab - blog post
- SK Shieldus
- Atomic Red Team