Monday, 31 March
poster

Friday, 28 March2025

CoffeeLoader Malware Employs GPU-Based Packer to Evade Detection

CoffeeLoader Malware Employs GPU-Based Packer to Evade Detection

Cybersecurity researchers have identified CoffeeLoader, a sophisticated malware designed to download and execute secondary payloads while evading detection. It utilizes a specialized packer, dubbed Armoury, that leverages the system's GPU to complicate analysis and bypass security solutions like EDR and antivirus software. Additional evasion techniques include call stack spoofing, sleep obfuscation, and the use of Windows fibers.

Subscribe To Our Newsletter.

Full Name
Email