Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
2 item(s) found so far for this keyword.
Atom Bombing Process Manipulating
Atom Bombing is a technique that utilizes Windows Atom Tables, which provide a global storage mechanism for strings, to inject malicious code into a target process.
The technique involves storing a shellcode in an Atom Table, then using the NtQueueApcThread
function to force the targeted process to access the specific Atom, causing the injection to occur. To bypass Data Execution …
Process Injection: Extra Window Memory Injection Defense Evasion [Mitre]
Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Before creating a window, graphical Windows-based processes must prescribe to or register a windows class, which stipulate appearance …