CoreEntity .NET Packer

A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.

WarzoneRat, AveMaria

WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

CoreCCC Packer

Detects CoreCCC packer used to load .NET malware.

ReZer0 packer

Detects ReZer0, a packer with multiple versions used in various campaigns.

Warzone RAT Payload