Process Doppelgänging

This is my implementation of the technique presented by enSilo:
https://www.youtube.com/watch?v=Cch8dvp836w

Characteristics:

• Payload mapped as MEM_IMAGE (unnamed: not linked to any file)
• Sections mapped with original access rights (no RWX)
• Payload connected to PEB as the main module
• Remote injection supported (but only into a newly created process)
• Process is created from an unnamed module (GetProcessImageFileName returns empty string)