Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ example | allinfosecnews.com

May 2, 2024, 11:06 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

﷽

Hello, cybersecurity enthusiasts and white hackers!

In one of my previous posts, I described a process injection method using RWX-memory searching logic. Today, I will apply the same logic, but with a new trick.

As you remember, the method is simple: we enumerate the presently running target processes on the victim’s system, scan through their allocated memory blocks to see if any are protected with RWX, and then write our payload to this memory block.

practical example

Today …

cybersecurity development hackers hello hunting injection investigation logic malware malware analysis malware development memory posts process process injection rwx simple target today trick

More from malware.news / Malware Analysis, News and Indicators - Latest topics

ISC Stormcast For Friday, May 17th, 2024 https://isc.sans.edu/podcastdetail/8986, (Fri, May 17th) 58 minutes ago | malware.news

Unpacking XDR: Coverage, stitching, accregation — and the GenAI wildcard 2 hours ago | malware.news

article genai link media +7

The enterprise browser: The first win-win-win for CISOs, CIOs and end users 2 hours ago | malware.news

article browser browsers cisos +11

One big problem SOC teams can actually solve with AI 2 hours ago | malware.news

article big can intezer +8

SailPoint's approach to unified identity security for the modern enterprise 3 hours ago | malware.news

article enterprise identity identity security +6

AI SOC Solutions, Revamp Your Cybersecurity, & Nightwing Introduction - Jon Check, Ricardo Villadiego, Jim … 4 hours ago | malware.news

amp article check cybersecurity +6

Post-RSAC, Our Heads Are Spinning, and Big News Keeps on Coming! - ESW #362 4 hours ago | malware.news

article big coming link +3

AI-generated code top cloud security concern amid 100% use rate in survey 4 hours ago | malware.news

api article cloud cloud security +14

Security through data 5 hours ago | malware.news

article centers cisco data +6

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Brand Experience and Development Associate (Libby's Pumpkin)

@ Nestlé | Arlington, VA, US, 22209

View on infosec-jobs.com

Cybersecurity Analyst

@ L&T Technology Services | Milpitas, CA, US

View on infosec-jobs.com

Information Security Analyst

@ Fortinet | Burnaby, BC, Canada

View on infosec-jobs.com