
made a simple maldev project
remote thread DLL injection, payload obfuscation (RC4 + UUID encoding), and resource‑section embedding. The final loader carries an encrypted payload inside its own .rsrc section, decrypts it at runtime, and injects it into a target process
Ik it's pretty basic😅, so I'll make the following changes to it
- Avoid writing the DLL to the disk, and directly load it into memory using Reflective Loader or Prepended Loader, and change classic injection with Process Hollowing, or Early Bird
- Change RC4 to AES
- Integrate C2 so the enumeration result will be transmitted to the team server using beacon, and not written to a file on system
PROJECT LINK - github link
But I'm going to first practice some Reverse-Engineering on it lol.
would appreciate suggestions and stuff : )