Listplanting
Created the Tuesday 06 October 2020. Updated 1 year, 1 month ago.
Edit controls are a type of user interface element that allows a user to enter and edit text in a graphical user interface (GUI). They are commonly used in Windows applications and can be embedded directly into a GUI or subclassed as a separate window.
Edit controls can be set to display text in multiline mode, in which case they use a special callback function called the EditWordBreakProc to handle word wrapping. This callback function is called anytime the control needs to perform an operation related to word wrapping.
In addition to the EditWordBreakProc callback function, the ListView control, which is a common GUI element used to display lists of items, can also be customized using certain messages. The LVM_SORTGROUPS message allows the user to specify a callback function that is used to sort the groups in a ListView control. The LVM_INSERTGROUPSORTED message inserts a new group into a ListView control, using the callback function specified in the LVM_SORTGROUPS message to determine the proper position for the new group. The LVM_SORTITEMS message allows the user to specify a callback function that is used to sort the items in a ListView control.
Using these messages and callback functions, it is possible to customize the sorting of items and groups in a ListView control to meet the specific needs of an application.
Technique Identifier
Featured Windows API's
Below, you will find a list of the most commonly used Windows API's that are currently utilized by malware authors for current evasion technique. This list is meant to provide an overview of the API's that are commonly used for this purpose. If there are any API's that you feel should be included on this list, please do not hesitate to contact us. We will be happy to update the list and provide any additional information or documentation that may be helpful.
Code Snippets
Additional Resources
External Links
The resources provided below are associated links that will give you even more detailed information and research on current evasion technique. It is important to note that, while these resources may be helpful, it is important to exercise caution when following external links. As always, be careful when clicking on links from unknown sources, as they may lead to malicious content.