ReflectiveDLLInjector
Reflective DLL injector targeting svchost.exe. Internal name SvchostInjector.x64.dll. ReflectiveLoader fileless injection. Direct NTDLL syscall access for ETW/AV bypass. Process enumeration via CreateToolhelp32Snapshot. Memory-mapped injection. 128-char AES key config string.
Threat Profile
Type: Loader
Programming Language: C/C++
C2 Protocol: Named Pipe/C2
First Seen: 2024
Targets: Global
Purpose / Capabilities
- Process Injection/Fileless Loader
No C2 servers have been identified for this family yet.
Research Reports (1)
ReflectiveDLLInjector out.dll -- SvchostInjector.x64.dll Internal Name, ReflectiveLoader Fileless Injection, ntdll.dll Direct Syscall ETW AV Bypass, CreateToolhelp32Snapshot Process32FirstW Target Process Identification | Critical
ReflectiveDLLInjector out.dll x64. Internal name SvchostInjector.x64.dll. ReflectiveLoader fileless injection. Direct ntdll.dll syscalls for ETW/AV bypass. Target process identification via CreateToolhelp32Snapshot and Process32FirstW.