Fully Encrypted GuLoader Uses Google Drive to Download Payloads

Antivirus products continuously advance to combat evolving threats, prompting malware developers to create new bypass techniques such as “packing” and “crypting.” GuLoader is a notable service employed by cybercriminals to avoid detection by antivirus software. Cybersecurity researchers at Check Point reported that GuLoader employs a range of evasion techniques and stands out because its encrypted payload is uploaded to a remote server. This lets attackers use a securely protected shellcode-based loader that downloads, decrypts, and executes the payload in memory without storing decrypted data on the hard drive.

Read full article on GBHackers

 

