Donut is an open-source in-memory injector/loader, designed for execution of VBScript, JScript, EXE, DLL files and dotNET assemblies. It was used during attacks against U.S. organisations according to Threat Hunter Team (Symantec) and U.S. Defence contractors (Unit42).
|2022-07-30 ⋅ |
Malware AV evasion - part 8. Encode payload via Z85
Agent Tesla Carbanak Carberp Cardinal RAT Cobalt Strike donut_injector
|2020-06-26 ⋅ Symantec ⋅ |
WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations
|2019-05-09 ⋅ Github (thewover) ⋅ |
Donut - Injecting .NET Assemblies as Shellcode
There is no Yara-Signature yet.