daevlin
@daevlin
Mr Malware, meet Mr Poke and Mr Stick
ID:22911209
https://daevlin.github.io 05-03-2009 12:07:07
32,1K Tweets
408 Followers
334 Following
RE tip of the day: APIs like DebugActiveProcess, DbgUiDebugActiveProcess or NtDebugActiveProcess can be used by malware to attach to its own process. If the debugger is attached, they will fail, this way revealing its presence.
#infosec #cybersecurity #malware #reverseengineering
Do you like unpacking malware? We do too! During our recent #AgentTesla analysis we wrote an unpacker for #DotRunPeX, and decided to share it. Read our blog post for more info: cert.pl/en/posts/2023/…