Chetan Nayak (Brute Ratel C4) on Twitter: "The stager which I converted from 8kb to 3.5 kb, is now back to 9kb, but it now unhooks every DLL hooked by the EDR before downloading the encrypted stage and executing it. Tested it against most top notch EDRs in prevent mode and this time added Palo Alto to the tests. #BRc4 https://t.co/WSXJmjEK9i" / Twitter
https://twitter.com/NinjaParanoid/status/1554498023455354880