- Authentihash Evasion manipulate: > - PE timestamps > - certificate-excluded regions - Imphash disruption: > - Import table modding > - add benign libraries - Fuzzy hash disruption (SSDEEP, TLSH): > - distributed bitflipping > - content insertion
