DeepSleep

all credits go to @mgeeky

PoC in C that hooks sleep and encrypts shellcode page + changes permissions very much like https://github.com/mgeeky/ShellcodeFluctuation. Uses functionhashing for epic malware emulation :P :P :P Just a fun little experiment :)

Here you see visually what I mean: This is cobalt strike running (RX file permission with shellcode as is):