Overwatch discusses obfuscation methods for avoiding detection by Russian antivirus software like Kaspersky, DrWeb, and others.
The technique uses obfuscated Meterpreter stagers to keep control of the compromised system while evading detection.
The steps are: generate a stager, randomize the API hashes, craft a loader around it, and compile the result into an executable so that known indicators of compromise are not present.
The method is effective against common Russian antivirus solutions, but Microsoft Defender may still flag the result, which requires adding the .exe files to Defender's exclusions to keep persistence.