Malware Analysis - Process Hollowing

Published on Apr 13, 2017
We unpack a Dridex sample that uses process hollowing for memory execution.

Follow me on Twitter: @struppigel

Sample: https://www.hybrid-analysis.com/sampl...
Dridex article: https://countuponsecurity.com/2015/12...
Process hollowing: http://www.autosectools.com/Process-H...
API Monitor: http://www.rohitab.com/apimonitor