Packer-as-a-Service: How AI Detects EDR Killers

Most companies still treat ransomware as a “file problem.” Block the payload, quarantine the attachment, call it a day.

Shanya is a reminder that modern ransomware operators don’t just ship malware—they ship the conditions that make malware succeed. Shanya is a packer-as-a-service offering observed in 2025 that wraps ransomware and related tools in heavy obfuscation and, more dangerously, tries to disable endpoint detection and response (EDR) so the rest of the attack can run quietly.

For the AI in Cybersecurity series, Shanya is a clean case study: when attackers can rent evasion, signature-based defenses and “EDR-only” strategies get exposed. The smarter play is AI-driven detection that looks for behavior, not packaging, and a defense design that assumes attackers will take a swing at your sensors.

What “packer-as-a-service” really changes in ransomware attacks

Packer-as-a-service (PaaS) turns evasive malware wrapping into a subscription business. That matters because it lowers the skill barrier for attackers and increases the volume of “new” malware that looks different every week—even when the underlying behavior hasn’t changed.

A packer isn’t new. What’s new is the productization:

• Ransomware groups don’t need to build obfuscation tooling or maintain it.
• Affiliates can rotate packers the same way they rotate phishing kits.
• Defenders see higher variant churn, which pressures teams that depend on static indicators.

Shanya follows the path carved by other packing ecosystems (researchers have compared its emerging role to previous services that became staples in ransomware toolkits). The operational impact is straightforward: more campaigns reach execution because the front door checks (hashes, signatures, basic sandboxing) fail more often.

Why this is bigger than “obfuscation”

Obfuscation buys time. Killing EDR buys invisibility. The combination is what should bother you.

Attackers don’t need to be undetectable forever. They need a window—often minutes—to:

1. Establish persistence or remote control
2. Escalate privileges
3. Disable defenses
4. Stage data exfiltration
5. Detonate encryption

Packer-as-a-service helps with step 0: arrive without getting blocked. Shanya pushes further by trying to sabotage step 3: make sure you can’t see what’s next.

Shanya’s playbook: how EDR killers tilt the field

EDR killers target the monitoring layer itself—processes, services, and sometimes kernel components—so the victim loses visibility right before the most damaging actions.

Shanya has been described by researchers primarily as an EDR killer used by multiple ransomware gangs. The pattern is one defenders should recognize because it’s showing up again and again across different families:

• A dropper brings in both a legitimate (clean) driver and a malicious kernel driver.
• The clean driver is loaded to avoid immediate suspicion.
• The malicious component abuses the legitimate driver’s capabilities (for example, privileged write access) to tamper with security tooling.
• The malware then terminates or deletes processes and services tied to endpoint security products.

This is the part too many incident postmortems gloss over: if an attacker can reliably shut down or blind EDR, your timeline will look like a magic trick.

If your detection depends on the tool that gets killed first, you don’t have detection—you have hope.

What defenders miss: “EDR protection” is a first-class control

Teams spend heavily on EDR and then treat it like an appliance.

In practice, EDR needs its own protection model:

• Prevent untrusted driver loading (where feasible) and tighten kernel attack surface.
• Harden tamper protection settings and centralize enforcement.
• Alert on EDR health changes (agent stopped, sensor degraded, service removed) as a high-severity event.
• Design for graceful failure: if endpoints go dark, can you still isolate hosts from the network? Can you still see authentication anomalies?

Shanya’s existence is a nudge toward a hard truth: ransomware groups are funding R&D specifically to make your expensive tooling less relevant.

Where AI-driven threat detection fits (and where it doesn’t)

AI doesn’t “solve ransomware.” It solves the detection gap created by high-variance malware and sensor evasion by focusing on behavior and relationships.

Packer-as-a-service is meant to break classic controls: signatures, hashes, and brittle rules.

AI-based detection is useful here because it can:

• Generalize across variants (packed, re-packed, re-signed, recompiled)
• Correlate weak signals into a strong signal
• Spot sequences of behavior that humans and rules often miss

Behavioral signals AI can catch even when packing changes

Packing changes how code looks. It doesn’t change what attackers must do to win.

A practical AI detection strategy focuses on behaviors like:

• Driver-related anomalies
  • Unusual driver installation paths
  • Driver loading on endpoints that don’t typically load new drivers
  • Rare parent/child process relationships tied to driver deployment
• Security tool interference
  • Termination attempts against known EDR/AV processes
  • Service control manager actions targeting security services
  • Registry or file operations consistent with disabling security agents
• Pre-ransomware staging
  • High-rate file enumeration
  • Credential dumping patterns (access to LSASS, suspicious handle opens)
  • Burst of remote execution (PsExec-like behavior, WMI spawns) across multiple hosts

The advantage of AI here is pattern recognition at scale: one host doing something weird might be noise; five hosts doing a coordinated set of weird things is almost never noise.

The “EDR got killed” problem: what AI should monitor outside the endpoint

Attackers going after EDR creates an obvious question: What happens if your endpoint sensor is blinded?

This is where AI helps when it’s fed by multiple telemetry sources:

• Identity signals (SSO, VPN, IAM events)
• Network signals (east-west traffic, DNS, proxy)
• Email and collaboration signals (phishing delivery and click paths)
• Server/workload telemetry (cloud audit logs, container/runtime events)

If you’ve built detection around a single sensor type, Shanya-like tools are designed to turn that into a single point of failure.

Defense plan: how to reduce risk from Shanya-style packing and EDR killers

The goal isn’t to “detect Shanya.” The goal is to break the ransomware chain even when the payload is hidden and EDR is under attack.

Here’s what works in real environments—especially mid-market enterprises that don’t have infinite headcount.

1) Treat driver abuse as a high-priority detection category

Kernel driver abuse is attractive because it can bypass protections that live in user space.

Action steps:

• Inventory where driver installs are normal (IT tools, device management, hardware vendors).
• Alert on new driver loads outside those baselines.
• Consider application control or allowlisting for driver installation where operationally possible.

If your SOC never looks at driver telemetry, ransomware groups will keep betting you won’t start tomorrow.

2) Build “EDR integrity” alerts that page humans

If your EDR agent stops, that should be treated closer to a fire alarm than a warning.

Implement at minimum:

• Alert when endpoint security services are stopped/disabled
• Alert when security binaries are deleted/quarantined unexpectedly
• Alert on policy/tamper-protection changes
• Require dual control for changes to EDR policies (no silent tweaks)

AI can help here by reducing false positives—e.g., learning that this IT automation job stops services during patch windows, while that random workstation does not.

3) Assume obfuscation will win sometimes; focus on containment speed

Packed payloads often slip past the first control. The defender advantage is containment speed.

What I’ve found works is rehearsing a short list of “ransomware fast actions”:

1. Isolate host or segment (network quarantine)
2. Disable lateral movement paths (temporary blocks for SMB/RDP where feasible)
3. Rotate credentials for suspected compromised accounts
4. Validate backups and protect them from deletion (immutability matters)

If the first time you try these steps is during an incident, you’ll lose time you can’t afford.

4) Use AI to prioritize, not to “auto-close”

AI is strongest when it helps analysts answer: Which 3 alerts matter right now?

Good AI-driven triage:

• Groups alerts into an incident narrative (initial access → execution → defense evasion)
• Scores risk using environment context (role of host, sensitivity of data, reachability)
• Suggests next-best action (isolate host, pull memory, block hash, disable account)

Bad AI-driven triage auto-closes anything “below threshold.” Shanya-type attacks thrive in the gray zone.

5) Train against social engineering that sets up these toolchains

Research has noted Shanya-like activity appearing alongside social engineering patterns (including “fix this” style prompts used to trick users into running commands).

Your best defense is reducing execution opportunities:

• Remove local admin where possible
• Add friction to script execution (signed scripts, constrained language mode)
• Train users with realistic scenarios that mirror current lures

Security awareness isn’t about posters. It’s about making sure fewer people can be turned into a launchpad.

Practical Q&A your stakeholders will ask

“If we have EDR, are we safe from ransomware?”

No. EDR is necessary, but it’s also a target. Plan for EDR degradation and ensure you can detect and contain using identity and network signals.

“Should we focus on indicators of compromise (IOCs) for Shanya?”

Use IOCs, but don’t depend on them. With packer-as-a-service, indicators churn quickly. Behavioral detection and hardening controls hold up longer.

“What’s the fastest way to improve resilience in 30 days?”

Start with three moves:

• Turn on and test EDR tamper protection and integrity alerts
• Add driver-load anomaly detection (even a basic baseline helps)
• Rehearse isolation and credential rotation steps with your IT team

Where this goes next for AI in cybersecurity

Packer-as-a-service is a business model, and it’s working. As long as ransomware pays, attackers will keep renting specialized capabilities: packing, initial access, driver exploitation, and “security product interference.”

The defense answer isn’t buying a new checkbox. It’s building AI-powered anomaly detection across identity, network, and endpoint data—then combining it with a response plan that assumes your first line of visibility may get hit.

If you’re reviewing your 2026 security roadmap right now, here’s the question I’d put on the table: If an attacker kills EDR on five endpoints in five minutes, do we still detect the intrusion—and can we still contain it?