Joost Agterhoek 51e3323e1a new blog post, start of a malware development project (not published yet)

2024-10-09 14:40:08 +02:00

+++ title = "Malware development" description = "Example description with a lot of words but without any meaning. Why use lorem ipsum when you can just write a lot of text that has no underlying meaning?" weight = 1 updated = 2024-09-29 [extra] remote_image = "https://images.unsplash.com/photo-1620121692029-d088224ddc74?ixlib=rb-4.0.3&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1632&q=80" +++

**This is a work in progress! Here I hope to organize learnings from various malware development series and courses I am currently taking.

Where to place your payload

This table showcases possible places to put your payload within a PE file with notes about the section and why to place a payload there.

section name	purpose	reason(s) to store payload
`.data`	contains initialized global and static variables	section is readable and writable, making it suited for an encrypted payload
`rdata`	?	?