all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

NixImports - A .NET Malware Loader, Using API-Hashing To Evade Static Analysis

Add to bookmarks
Aug. 13, 2023, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


A .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis

How does it work?

NixImports uses my managed API-Hashing implementation HInvoke, to dynamically resolve most of it's called functions at runtime. To resolve the functions HInvoke requires two hashes the typeHash and the methodHash. These hashes represent the type name and the methods FullName, on runtime HInvoke parses the entire mscorlib to find the matching type and method. Due to this process, HInvoke does not leave any …

analysis api called detection engineering dynamic evade functions hashes hashing implementation it work loader malware managed payload runtime static analysis work yara

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

Galah - An LLM-powered Web Honeypot Using The OpenAI API 21 hours ago | www.kitploit.com
galah golang llm openai api +3
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 1 day, 21 hours ago | www.kitploit.com
amsi antivirus crimsonedr dll +5
Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs 2 days, 17 hours ago | www.kitploit.com
bugbountyautomation bugbounty tools httpx infosys +2
CSAF - Cyber Security Awareness Framework 3 days, 21 hours ago | www.kitploit.com
csaf cybersecurity awareness linux socks5 +2
Espionage - A Linux Packet Sniffing Suite For Automated MiTM Attacks 4 days, 21 hours ago | www.kitploit.com
arp-spoofing cybersecurity networking packet capture +5
HackerInfo - Infromations Web Application Security 5 days, 21 hours ago | www.kitploit.com
hackerinfo python python3
C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets 6 days, 7 hours ago | www.kitploit.com
c2-tracker cybersecurity infosec osint +7
VectorKernel - PoCs For Kernelmode Rootkit Techniques Research 1 week, 4 days ago | www.kitploit.com
64bit api education kernel +17
Cookie-Monster - BOF To Steal Browser Cookies & Credentials 1 week, 5 days ago | www.kitploit.com
cookie-monster passwords processes python +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs