D3Ext

Now it seems fine. Let me know if it works for you, in order to close this issue.

I see that your input shellcode is called "encrypted". Is it AES encryption or anything similar? In case you want to encrypt the shellcode you should use the `--enc` flag...

I also have to say that some injection techniques are more stable than others. For example `NtCreateThreadEx` and the default `SuspendedProcess` are much more stable.

Anyway, I have paid more attention to the error image and it seems that one Windows API function is not being resolved properly. I will also see if that is...

OK, I will also test different scenarios with and without AMSI patching. Sorry for the bugs. Try it on Linux and it may work, at least it never gave me...