aboutsummaryrefslogtreecommitdiff
path: root/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm
diff options
context:
space:
mode:
Diffstat (limited to 'CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm')
-rw-r--r--CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm14
1 files changed, 14 insertions, 0 deletions
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm
new file mode 100644
index 0000000..d16cbc9
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm
@@ -0,0 +1,14 @@
+[SECTION .text]
+
+global _start
+
+_start:
+ ; Set a var to 1, let PS known exe is exiting
+ mov rbx, 0x4141414141414141
+ mov [rbx], byte 0x01
+
+ ; Call exitthread instead of exitprocess
+ sub rsp, 0xc0
+ and sp, 0xFFf0 ; Needed for stack alignment
+ mov rbx, 0x4141414141414141
+ call rbx
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-26 02:11:43 +0000