holly-hacker / Confuser.Protections.HoLLy

Extra protection modules for ConfuserEx
GNU General Public License v3.0
66 stars, 21 forks

Process hollowing #10

Open holly-hacker opened 6 years ago

holly-hacker commented 6 years ago

I've seen this in practice before. Hollowing an external process or its own process would be a neat packer. For more, see this.

EDIT: This seems to be called RunPE.

holly-hacker commented 6 years ago

See this crackme for a practical implementation.

roachadam commented 5 years ago

While a neat concept, it's very easy to dump, so it wouldn't be much of a protection. Not to mention it would be flagged by any half-decent anti-malware software, as it's often used to disguise malware.

holly-hacker commented 5 years ago

Any packer can easily be dumped; there is separate protection for that. It's true that this would possibly be detected by anti-malware software, but you run that risk regardless when you obfuscate your software.

This wouldn't be very practical for most applications, but it just seems like a fun thing to implement nonetheless.

owersite commented 3 years ago

Process Hollowing is useless.