Secondary Categories: 02-Malware


Description:

It's generally good to inject your shellcode into your own process's memory region; if not, inject your shellcode into a process that will generate network traffic.

KernelCallbackTable Method

Using this WinAPI function we can inject payloads into remote processes. This method is used by FinFisher/FinSpy and Lazarus in their malware campaigns.

To get this process injection method to work, you can spawn a sacrificial process and then inject into that.
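A defensive check for this technique, added here as an example and not part of the original notes: the KernelCallbackTable pointer stored in a process's PEB normally refers to a table inside user32.dll, so a snapshot where the pointer or any of its entries resolves outside that image is worth flagging. The Snapshot record, its field names and all addresses are constructed for illustration and do not come from a real collector.

```python
# Added example: triage of constructed process snapshots, not output of a real tool.
from dataclasses import dataclass, field

@dataclass
class Module:
    name: str
    base: int
    size: int
    def contains(self, addr):
        return self.base <= addr < self.base + self.size

@dataclass
class Snapshot:  # hypothetical record a memory-forensics collector might emit
    pid: int
    image: str
    modules: list
    kct_ptr: int  # value of PEB.KernelCallbackTable (0 if user32.dll never loaded)
    kct_entries: list = field(default_factory=list)  # pointers read from the table

def owner(snap, addr):
    """Name of the module whose image contains addr, or None for unbacked memory."""
    return next((m.name for m in snap.modules if m.contains(addr)), None)

def check_kct(snap):
    """Return a list of findings; an empty list means the table looks intact."""
    if snap.kct_ptr == 0:
        return []  # non-GUI process, nothing to validate
    findings = []
    if (owner(snap, snap.kct_ptr) or "").lower() != "user32.dll":
        findings.append(f"table pointer {snap.kct_ptr:#x} not inside user32.dll")
    for i, target in enumerate(snap.kct_entries):
        mod = owner(snap, target)
        if (mod or "").lower() != "user32.dll":
            findings.append(f"entry {i} -> {target:#x} ({mod or 'unbacked memory'})")
    return findings

# Constructed sample data (addresses are made up for illustration).
USER32 = Module("user32.dll", 0x7FFA10000000, 0x1A0000)
NTDLL = Module("ntdll.dll", 0x7FFA20000000, 0x200000)
CLEAN = Snapshot(100, "notepad.exe", [USER32, NTDLL], 0x7FFA10090000,
                 [0x7FFA10001000, 0x7FFA10002000, 0x7FFA10003000])
TAMPERED = Snapshot(200, "notepad.exe", [USER32, NTDLL], 0x1F0000,
                    [0x7FFA10001000, 0x7FFA10002000, 0x2A0000])
HEADLESS = Snapshot(300, "svc.exe", [NTDLL], 0)

if __name__ == "__main__":
    for s in (CLEAN, TAMPERED, HEADLESS):
        print(s.pid, s.image, check_kct(s) or "ok")
```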

