Classic Process Injection with Memory Evasion Techniques implementation
What memory evasion techniques are used?
- Custom Sleep implementation
- Set PAGE_NOACCESS with VirtualProtectEx
- Encrypt/Decrypt Memory Regions with SystemFunction033
- Encrypt/Decrypt Shellcode to the entrypoint using XOR
Forcing Page Guard Exceptions:
WriteProcessMemory:
CreateRemoteThread:
Handling Exceptions:
The code flow is as follows: