optiv / ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

Injection compiling #52

Closed shrek3n closed 2 years ago

shrek3n commented 2 years ago

Tried as well with disabling AMSI, ETW and sleep.

Azrotronik commented 2 years ago

It seems the bug happens upon using the -injection flag; I can replicate this using scarecrow -I sgn.raw -Loader dll -domain libreoffice.org -injection svchost.exe

Will investigate in a few.

GeorgePatsias commented 2 years ago

> It seems the bug happens upon using the -injection flag; I can replicate this using scarecrow -I sgn.raw -Loader dll -domain libreoffice.org -injection svchost.exe
>
> Will investigate in a few.

You need to add the full path of the injection, e.g. C:\Windows\System32\svchost.exe

Azrotronik commented 2 years ago

> You need to add the full path of the injection, e.g. C:\Windows\System32\svchost.exe

Yes, I have initially added the path; I shortened it here, but the issue still persists. I think the issue may have to do with garble.

Tylous commented 2 years ago

This has nothing to do with the path; it has to do with a recent update to the dependencies. I will update the repo shortly.

Tylous commented 2 years ago

Repo and releases have been updated to address this.