GoFlateLoader, a widespread Golang loader that has become a go-to delivery mechanism for multiple infostealers including Lumma, Vidar, StealC, Amatera and Remus. GoFlateLoader’s design is intentionally unspectacular: its code implements a straightforward in-memory manual PE loader, lacking anti-debugging, anti-VM, API hashing or control-flow obfuscation. The loader’s operational stealth instead relies on an arguably low-tech but […]

The post GoFlateLoader Hides Infostealers in Massive PE Overlay appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/goflateloader-hides-infostealers/