core-jmp

core-jmp

death of core jump

  • Home
  • windows
  • Reverse Engineering
  • exploitation
  • shellcode
  • About
  • Privacy Policy

HomeDLL Sideloading

Posts in category: DLL Sideloading

Inside the Trojanized CPU-Z Campaign: DLL Sideloading, Zig Malware, and Multi-Layer Persistence

Inside the Trojanized CPU-Z Campaign: DLL Sideloading, Zig Malware, and Multi-Layer Persistence

April 13, 2026
by oxfemale DLL SideloadingMalwarepowershellReverse Engineering

A trojanized CPU-Z package installs malware through CRYPTBASE.dll sideloading. The Zig-compiled DLL decodes an embedded payload, loads a reflective backdoor, connects to C2, and establishes persistence using PowerShell, COM hijacking, and scheduled tasks.

Read More

Recent Posts

  • Abusing WinML for In-Memory Staging and EDR Evasion
  • Windows Early Boot Configuration: The CmControlVector and PspSystemMitigationOptions
  • Fail Open, Game Over: Turning a One-LineTomcat Fix into Unauthenticated RCE
  • Inside the Trojanized CPU-Z Campaign: DLL Sideloading, Zig Malware, and Multi-Layer Persistence
  • AI vs Reverse Engineering: How Claude Helped Find a radare2 0-Day

Archives

  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Active Directory Active Directory Security Binary Analysis byovd bypass cpp EDR EDR Bypass EDR Evasion EDREvasion Embedded Security Embedded Systems Exploit Development Firmware Reverse Engineering Hardware Hacking Hardware Security injection IoT Security Kernel Debugging Kernel Exploitation macOS Security Malware Analysis Malware Development Memory Corruption Offensive Security Post-Exploitation PPL Privilege Escalation Process Injection red team RedTeam Red Teaming Red Team Techniques remote code execution Reverse Engineering Security Research shellcode Vulnerability Research winapi WinDBG windows Windows Internals Windows Kernel Windows security WindowsSecurity

Categories

  • .NET
  • access
  • ACE
  • ACL
  • Active Directory
  • Active Directory
  • AD CS
  • Administrator
  • AI Agents
  • AI Security Research
  • alloc
  • ALPC
  • Antivirus
  • Apache Tomcat
  • APC
  • Apple Silicon
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BIOS
  • BitLocker
  • Blue team
  • Bluetooth
  • Boot ROM
  • Broadcom
  • BSoD
  • buffer overflow
  • BYOUD
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • Camera
  • CI/CD
  • CIMOM
  • Cisco
  • Claude AI
  • CLFS
  • cmd
  • COM
  • Command Injection
  • Containers
  • Copilot
  • Cortex XDR
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • DCOM
  • Debug
  • Defender
  • DEP
  • Deserialization
  • DFIR
  • DLL Sideloading
  • DMA
  • DNS
  • Driver
  • dump
  • EDR
  • Embedded
  • Encryption
  • Escalation
  • ESP32
  • Evasion
  • Eventlog
  • Exploit Development
  • exploitation
  • filesystem
  • firmware
  • Flash
  • FreeBSD
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • Hooking
  • Hypervisor
  • Impacket
  • impact
  • Injection
  • IOCTL
  • IoT
  • Java
  • JIT
  • Kerberos
  • kernel
  • kernel-mode
  • LDAP Relay
  • Library
  • Linux
  • LLM
  • LLM Exploit Development
  • LNK
  • Loader
  • LOLExfil
  • LSA
  • LSASS
  • Machine Learning
  • MacOS
  • Malware
  • MCP
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • NTLM Relay
  • NVMe
  • ODR
  • Palo Alto
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • PHP
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Privilege Escalation
  • Protection
  • PXE
  • Python
  • QEMU
  • Race Condition
  • radare2
  • RCE
  • Recall
  • Recovery mode
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • RTTI
  • Rust
  • SAM
  • Secure Boot
  • Security
  • Security
  • shellcode
  • Shortcut
  • SPI Flash
  • Stack Overflow
  • STM32H5
  • TCP/IP
  • TEB
  • Telegram
  • Telnetd
  • TPM
  • UAC
  • UART
  • UEFI
  • Uncategorized
  • Use-After-Free
  • user-mode
  • Virtualization
  • VMProtect
  • VMware
  • Warbird
  • WASM
  • WEB
  • winapi
  • winapi
  • WinDBG
  • windows
  • Windows Admin Center
  • Winsock
  • WMI
  • WML
  • Wordpress
  • WSL
  • Xiaomi
  • XNU Kernel
Log in
    © 2026 core-jmp. All rights reserved.
    Shopping Basket