strings
2024-08-16
In the context of computer programming, a string is a sequence of characters used to represent text.
Payload Placement (PE files)
2024-08-07
Malware developers have options as to where they place the payload for their malware within a PE file. The .data and .rdata sections are easy and ...
Persistence
2024-08-06
Persistence in the context of malware refers to the ability of malicious code to survive after the exploited component is terminated or the system is ...
Process Injection
2024-08-06
Process Injection is a method of executing arbitrary code in the address space of a separate running process.
Process Injection can be carried out ...
antivirus
2024-08-05
Antivirus (AV) or anti-malware software is a computer program used to prevent, detect, and remove malware.
Behavior-based Detection
2024-08-05
Once malware is running, security software will continue to look for suspicious behavior exhibited by running processes.
For example, if a notepad.exe ...
CreateFile
2024-08-05
CreateFile() is a WinAPI macro (chooses CreateFileA or CreateFileW as appropriate) that creates a new file or opens an existing file. On success, a ...
Hashing Detection
2024-08-05
Hashing detection works by saving the file hashes of files known to be malicious and comparing them with those of samples to be analyzed. If the file hashes ...
malware analysis
2024-08-05
Malware Analysis is the process of understanding the behavior and purpose of a malware sample.
obfuscation
2024-08-05
Similar to encryption, obfuscation techniques can protect sensitive data from being read. Obfuscation is often deployed as a defense against reverse ...