Ekko in Rust

A small sleep obfuscation technique that uses CreateTimerQueueTimer Win32 API in Rust. This is ported from C https://github.com/Cracked5pider/Ekko/ to Rust.

Credits / References

• @C5pider https://github.com/Cracked5pider/Ekko/
• Austin Hudson (@SecIdiot) https://suspicious.actor/2022/05/05/mdsec-nighthawk-study.html
• Originally discovered by Peter Winter-Smith!!missing!! and used in MDSec’s Nighthawk
• Thanks for contributing @trickster012
• https://learn.microsoft.com/
• Rust Lang Community Discord: https://discord.com/invite/rust-lang-community