From 01f798c0054f62fd63eab4aa190a3b4245aa8a77 Mon Sep 17 00:00:00 2001 From: Meowmycks <45502375+Meowmycks@users.noreply.github.com> Date: Tue, 9 Jan 2024 15:38:54 -0500 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index fd39d1c..99a0ef0 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ Compile as a VS2022 project and ~~run with `NT AUTHORITY\SYSTEM` privileges~~ ru ## Features - Uses polymorphism with compiletime RNG to always generate a unique file signature. -- Unhooks NTDLL to defeat EDR userland hooking. +- Unhooks NtReadVirtualMemory to defeat EDR userland hooking. - Also tricks heuristics by performing multiple benign Windows API functions. - Encrypting and encoding MiniDump in-memory means AV/EDRs *shouldn't* flag it. - File deletes itself after running to try and prevent remnants from remaining on disk.
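Review bot: the narrowed `+- Unhooks NtReadVirtualMemory to defeat EDR userland hooking.` line is a more specific claim than the `- Unhooks NTDLL ...` line it replaces, but nothing in this patch lets a reviewer confirm it: the diffstat reads `1 file changed, 1 insertion(+), 1 deletion(-)` for `README.md` only, so the feature list is being changed without the code it describes. Reference the commit that changed the unhooking code in the commit message, or bundle the README wording with that code change, so the documented behaviour and the implementation can be checked against each other. Minor style point on the unchanged context line: `compiletime RNG` is conventionally spelled `compile-time RNG`.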