😈 [ Nikhil Hegde @ka1do9 ]
In this one, I go into great detail about how malware walks the Process Environment Block (PEB) to find particular DLLs and parses their export table to find address of functions.
🔗 https://nikhilh-20.github.io/blog/peb_phobos_ransomware/
🐥 [ tweet ]
In this one, I go into great detail about how malware walks the Process Environment Block (PEB) to find particular DLLs and parses their export table to find address of functions.
🔗 https://nikhilh-20.github.io/blog/peb_phobos_ransomware/
🐥 [ tweet ]