Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
12 item(s) found so far for this keyword.
Process Argument Spoofing Process Manipulating
Process Argument Spoofing is a technique used by attackers to hide their true intentions by changing the command line arguments of a process after it has started. This is done by tampering with the Process Environment Block (PEB).
The PEB is a structure in Windows that holds various information about a running process. Within the PEB, there's a specific section …
NixImports Packers
A .NET malware loader employs API-Hashing and dynamic invocation to circumvent static analysis. NixImports utilizes managed API-Hashing to dynamically determine most of its required functions during runtime. For function resolution, HInvoke needs two specific hashes: typeHash and methodHash, representing the type name and the method's full name, respectively. At runtime, HInvoke scans the entire mscorlib to locate the corresponding type …