August 10, 2023 at 10:17AM

■■■□□ Kraken Mask: A sleep obfuscation tool is used to encrypt the content of the .text section with RC4 (using SystemFunction032). To achieve this encryption, a ROP chain is employed with QueueUserAPC and NtContinue.

● Half of it complete skipped my head. Don’t know what this tool actually does.