Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
2 item(s) found so far for this keyword.
Process Hollowing, RunPE Process Manipulating
Process hollowing is a technique used by malware to evade detection by injecting malicious code into a legitimate process. This technique involves creating a new instance of a legitimate process and replacing its original code with the malicious payload.
The process is the following:
CreateProcess
: in a suspended mode with the CreationFlag at 0x0000 0004.GetThreadContext
: retrieves the …
PureCrypter Packers
PureCrypter, a multi-functional crypter/loader developed in C#, was first introduced in hacking forums on March 17, 2021. This tool is compatible with both 32-bit and 64-bit native as well as .NET payloads. It features multiple injection modes, including reflection, RunPE, and shellcode. PureCrypter can deliver payloads either via a URL or offline. It has been noted for its use in …