Remote Symbol Resolution

Introduction The following blog discusses a couple of common techniques that malware uses to obscure its access to the Windows API. In both forms examined, analysts must calculate the API start address and resolve the symbol from the runtime process in order to determine functionality.

Read full news article on FireEye Blog

 


Date:

Categorie(s):