Vanish

Time flies like an arrow - Fruit flies like a banana

10 Process Injection Techniques

Process injection is a widespread defense evasion technique, often employed in malware and fileless adversary tradecraft, that entails running custom code within the address space of another process. Process injection improves stealth, and some techniques also achieve persistence. Although there are numerous process injection techniques, in this blog I present ten techniques seen in the wild that run malware code on behalf of another process. I additionally provide screenshots for many of these techniques to facilitate reverse engineering and malware analysis, assisting detection and defense against these common techniques.


Updated: July 27, 2017 — 9:29 pm
Vanish © 2016. All information on this blog, unless otherwise noted, is hereby released into the public domain, with no rights reserved.