Percino is a Golang loader that executes shellcode using the process hollowing technique, with anti-sandbox and anti-analysis measures. The shellcode is encrypted with the Triple DES (3DES) encryption algorithm.
Full EDR bypass with any C2 Framework. Tested with Cobalt Strike against MDE EDR.
Key Features:
- 3DES Encryption
- Sandbox Evasion
- Analysis Evasion
- Execution delay
- Process Hollowing
TIP: I recommend signing the binary with CS
CS: