all InfoSec news
Visual Examples of Code Injection, (Thu, Nov 9th)
Malware Analysis, News and Indicators - Latest topics malware.news
Code injection techniques (T1055 from MITRE[1]) is a common technique these days. It’s a nice way for an attacker to hide malicious code into a legit process. A deviation of this technique is called “Process Hollowing”[2] where code of the legit suspended process is wiped and replaced by malicious code. Code injection is performed by calling Microsoft API calls like: VirtualAllocEx(), NtUnmapViewOfSecrio(), WriteProcessMemory(), … (they are many others available)
Article Link: https://isc.sans.edu/diary/rss/30388
1 post - 1 participant
attacker called code code injection hide hollowing injection legit malicious mitre nice nov process process hollowing techniques