[*] Stealth Packer Starting...
[*] Running as Admin:
[-] Failed to add firewall rules:
[+] Firewall rules added.
[+] Cloned to:
[*] Reboot execution detected. Skipping installation.
[+] Bypass applied successfully
[-] Bypass failed:
[*] Decrypting embedded payload...
[+] Payload decrypted:
[*] Loading CLR with clroxide...
[+] CLR loaded successfully
[*] Executing assembly...
[*] Entry point signature:
[+] Execution finished successfully
[-] Execution failed:
[-] Failed to create method arguments:
([-] Failed to get entrypoint signature:
[-] Failed to get entrypoint:
[-] Failed to load assembly:
[-] Failed to get CLR context:
[-] Failed to create CLR instance:
COM HijackingGhost Scheduled Tasksvc_host.exe~update.tmp.exeappdatatemp
[*] Checking for user activity (Mouse)...
[!] Timeout reached waiting for mouse. Proceeding anyway.
[+] User activity detected.
[DEBUG] NtQuerySystemInformation status:
[DEBUG] NtQuerySystemInformation failed with status:
[DEBUG] STATUS_INFO_LENGTH_MISMATCH, resizing buffer from
[DEBUG] NtQuerySystemInformation succeeded
[DEBUG] Starting process enumeration, looking for PID:
[DEBUG] Testing NtClose(0)
[DEBUG] NtClose(0) status:
[DEBUG] Failed to resolve NtClose
[DEBUG] PID:
[DEBUG] Found
[DEBUG] Current TID:
[DEBUG] Suspending thread
[DEBUG] Processing thread
[DEBUG] Invoking GetThreadContext (std API)
[DEBUG] GetThreadContext result:
[DEBUG] Invoking SetThreadContext (std API)
[DEBUG] Resuming thread
[DEBUG] GetThreadContext failed, skipping thread
[DEBUG] Skipping current thread TID:
[!] Persistence lost on
[DEBUG] Resolving syscall for
[DEBUG] Found syscall for
[DEBUG] Failed to find syscall gadget for
[DEBUG] Ordinal