September 2024
Intermediate to advanced
488 pages
13h 29m
English
Content preview from Evasive Malware
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
INDEX
- A
- Abrams, Lawrence, 245
- acceleration checks, 121–122
- access tokens, 253–254
- AddAtom function, 209, 424
- address space layout randomization (ASLR), 15–16, 62–63
- AddVectoredExceptionHandler function, 192, 424
- AdjustTokenPrivileges function, 269, 424
- administrator account, 249
- Agent Tesla, xxiv
- alertable state, 208
- Al-Khaser, 415–416
- Allievi, Andrea, 436
- Alternate Data Streams (ADS), 307–309
- Andriesse, Dennis, 436
- anti-attach techniques, 167, 180
- anticuckoo, 143
- anti-debugging, 167
- checking parent processes, 173
- countering, 181
- in Joe Sandbox, 34
- timing checks, 171–172
- anti-disassembly, 151
- anti-forensics, 289–290, 306–317
- anti-hooking, 137–144, 238
- toolsets, 143–144
- anti-malware exclusions, 236
- anti-malware software, 224
- cloud-based ...