Search Evasion Techniques
Names, Techniques, Definitions, Keywords
1 item(s) found so far for this keyword.
FLIRT (Fast Library Identification and Recognition Technology) is a database that contains pattern of bytes (signatures) used to identify known functions from legit libraries.
Malwares can abuse known FLIRT signatures by replacing or adding specific bytes to hide malicious code inside a function that would be recognised as a legitimate library.
This technique will trick the reverse engineering process if …