Ram Ram

ESET detect meterpreter payload

Discussion created by Ram Ram on Jun 6, 2017
Latest reply on Jun 7, 2017 by jm gastal

Hi everyone,

 

I'm trying to use meterpreter but it gets detected by ESET AV.

 

The problem is that once the stager gets downloaded, ESET reads the process memory and shows an alert with threat name "Win32/RiskWare.Meterpreter.A".

 

I have tried to modify and then compile the metsrv.x86.dll file from the repo github.com/rapid7/meterpreter

 

But wasn't able to make it work even if I didn't change anything in the source code.

 

What can I do in order to make it work?

Outcomes