research poc
Deep Instinct Details LLM-Generated Malware BypassERWDirectSyscallShellcodeLoaderBypassERWDirectSyscallShellcodeLoader
Deep Instinct's DIANNA assistant analyzed a newly discovered malware sample named BypassERWDirectSyscallShellcodeLoader, which was generated using large language models (ChatGPT and DeepSeek). The malware employs multiple evasion techniques including anti-debug, anti-sandbox, process injection, privilege escalation, and ETW bypass to stealthily load shellcode. Deep Instinct claims its deep learning-based DSX platform detected and prevented the threat before other vendors.