How Direct Syscalls&XOR Encryption Bypass Windows Defender