June 2018
Beginner
510 pages
13h 7m
English
Content preview from Learning Malware Analysis
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
6.4 I/O Requests To Layered Drivers
So far, you have understood how an I/O request is handled by a simple device controlled by a single driver. The I/O request can go through multiple layers of drivers; I/O processing for the layered drivers happens in much the same way. The following screenshot illustrates an example of how an I/O request might travel through layered drivers before reaching the hardware-based devices:
This concept is better understood with an example, so let's trigger a write operation to c:\abc.txt using the following command. When this command is executed, netstat will open the handle to abc.txt and write to it:
C:\Windows\system32> ...