# Dcrat AV Evasion

* This page will document different payloads and their success against different AV engines
* `X` == Detection, do not run on a remote host
* `Yes` == No detection, safe to run on a remote host

| AV Engine                   | Shellcode Loader | Binary |
| --------------------------- | ---------------- | ------ |
| <p>Windows Defender<br></p> | Yes              | X      |
| Kaspersky                   |                  |        |
| McAfee                      |                  |        |
| Sophos                      |                  |        |
| Malwarebytes                |                  |        |

## Custom Shellcode Loader

* I am currently working on a custom shellcode loader for Dcrat shellcode.
* This is written in `C#` like the RAT itself.

### Current Detections

<figure><img src="https://2098276108-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwXbmWAdfb5sb4Veuw2rn%2Fuploads%2FjJBnWy2v5IcpgQDQtX4L%2Fanti.png?alt=media&#x26;token=61017b24-72e0-4056-91e5-6224381b1815" alt=""><figcaption></figcaption></figure>