21 lines
1.0 KiB
Markdown
+++
title = "Malware development"
description = "Example description with a lot of words but without any meaning. Why use lorem ipsum when you can just write a lot of text that has no underlying meaning?"
weight = 1
updated = 2024-09-29
[extra]
remote_image = "https://images.unsplash.com/photo-1620121692029-d088224ddc74?ixlib=rb-4.0.3&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1632&q=80"
+++
**This is a work in progress!** Here I hope to organize learnings from the various malware development series and courses I am currently taking.

# Where to place your payload

This table lists possible places to put your payload within a PE file, with notes on each section's purpose and the reasons to place a payload there.

| section name | purpose | reason(s) to store payload |
|--------------|---------|----------------------------|
| `.data` | contains initialized global <br> and static variables | section is readable and writable, <br> making it suited for an encrypted payload |
| `.rdata` | ? | ? |
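
From the defender's side, the `.data` row above suggests a triage check: a writable, non-executable section whose bytes look like ciphertext. The following is an added example, not part of the original notes; the 7.0 bits-per-byte threshold, the function names and the constructed sample image are assumptions.

```python
import hashlib, math, struct

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_* flags

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = [data.count(b) for b in set(data)]
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts)

def sections(pe):
    """Yield (name, characteristics, raw bytes) for each section header."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20
    nsec, opt_size = struct.unpack_from("<H12xH", pe, e_lfanew + 6)
    table = e_lfanew + 24 + opt_size
    for off in range(table, table + 40 * nsec, 40):
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)
        chars, = struct.unpack_from("<I", pe, off + 36)
        yield name, chars, pe[raw_ptr:raw_ptr + raw_size]

def flag_sections(pe, threshold=7.0):
    """Names of writable, non-executable sections above the entropy threshold.
    The 7.0 cut-off is an assumed heuristic; compressed data also scores high."""
    return [name for name, chars, raw in sections(pe)
            if chars & MEM_WRITE and not chars & MEM_EXECUTE
            and entropy(raw) > threshold]

def build_sample(data_blob):
    """Constructed test image: bare headers plus a .data and a .rdata section."""
    rdata = b"constant strings\0" * 64
    img = bytearray(0x200)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)            # e_lfanew
    img[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<HH", img, 0x84, 0x8664, 2)      # Machine, NumberOfSections
    off, ptr = 0x98, 0x200                             # SizeOfOptionalHeader stays 0
    for name, blob, chars in ((b".data", data_blob, 0xC0000040),
                              (b".rdata", rdata, 0x40000040)):
        struct.pack_into("<8sIIII", img, off, name, len(blob), 0, len(blob), ptr)
        struct.pack_into("<I", img, off + 36, chars)
        off, ptr = off + 40, ptr + len(blob)
    return bytes(img) + data_blob + rdata

# Constructed inputs: a hash stream stands in for ciphertext; the other is plain config.
HIGH = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
LOW = b"config=1\0" * 400
```

`flag_sections(build_sample(HIGH))` reports `.data`, while the same image built with `LOW` reports nothing; `.rdata` is never reported because it is not writable.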