Permissions question

[oscarmoraog]

It's not a bug, only a thread for an open question.

I'm testing the capabilities of this code but I didn't find the way to run it permanently within my windows.

• I already added as exception within my Windows defender.
• Already added the evil_file.exe to the task scheduler to start runing by every time windows starts.
• It works perfectly when windows starts, but at some point it starts to send blank logs and a black screenshots to my inbox.
• Also, when the computer got suspended and return, the code stop working, are there ways to keep those services running forever?
• When running manually (From a double-click), it works perfectly but I can't make it persistence. (At least I don't know how to do that.)

I've tried restarting the services by every 10 minutes, (pointing to my evil file, not the svchost.exe)
I've tried adding it to the startup folder.
Already tested several task_manager configs, but no one solved my issue.

It sounds to me likely a permission issue, but I didn't figure out how to solve, do you have any windows hints or guide for that? I'm a linux user, so not very used to work with windows tho.

Thanks.

[PushpenderIndia]

most probably av is detecting and killing the persistence exe, try disabling defender or any other av completely

[oscarmoraog]

I've added the files as whitelist within AV setup. But still getting this issue