Pros & Cons

Pros

  1. The actual payload cannot be discovered, because it is represented mathematically using vector embeddings.

  2. There is no encryption or obfuscation of the payload, so the entropy of the malware stays low, equivalent to that of any benign binary.

  3. The payload is represented as English words. Any other language could potentially be used to represent the payload as well.

  4. Many other techniques could be used in addition, such as digitally signing the binary or other methods of injecting the payload.

Cons

  1. The AI module requires Python to be pre-installed on the target. This PoC has been created using Python 3.11.

  2. The AI module depends on other packages.

  3. Performance is not great, but there is plenty of room for improvement. For instance, the AI module currently checks on every run whether the required packages are installed; this check is only needed on the first run, not on every run.