TheWover / donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
BSD 3-Clause "New" or "Revised" License
3.61k stars 638 forks

vmprotect packer donut error #160

Open qwer0123456 opened 1 month ago

qwer0123456 commented 1 month ago

added initial ETW bypass. works in debug loader, but not when injected into notepad https://github.com/TheWover/donut/tree/29871f7b9f38d8fb2ee59da4f0cd09302484f9a4

Since this update in version 0.93, VMProtect-packed files are not executed as donut shellcode.

"added initial ETW bypass": Before this update, the VMProtect packer also ran as donut shellcode.

How do I make it work in version 1.0?