GoFlateLoader, a widespread Golang loader that has become a go-to delivery mechanism for multiple infostealers including Lumma, Vidar, StealC, Amatera and Remus. GoFlateLoader’s design is intentionally unspectacular: its code implements a straightforward in-memory manual PE loader, lacking anti-debugging, anti-VM, API hashing or control-flow obfuscation. The loader’s operational stealth instead relies on an arguably low-tech but […] The post GoFlateLoader Hides Infostealers in Massive PE Overlay appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/goflateloader-hides-infostealers/
