horsicq / Detect-It-Easy

Program for determining types of files for Windows, Linux and MacOS.
http://ntinfo.biz
MIT License

Detects Donut Loader shellcode #128

Closed nicholasmckinney closed 2 years ago

nicholasmckinney commented 2 years ago

See Donut shellcode-generator.

I am detecting shellcode generated to the x86, x64, and x86 + x64 formats.

nicholasmckinney commented 2 years ago

Generating shellcode (x64 shown): donut-gen-shellcode-x64

Examples of detections for x86, x64, x86 + x64: donut-die-x86 donut-die-x64 donut-die-x86_64

horsicq commented 2 years ago

Wow. Looks great! Thank you!