Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Evading behavior analysis
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-27-2018, 18:06
0xall0c 0xall0c is offline
Friend
  
Join Date: Mar 2018
Posts: 70
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 28
Thanks Rcvd at 68 Times in 36 Posts
0xall0c Reputation: 4
yes timing does not play a major role but the execution of heuristic api chain surely does, what i am suggesting is to call random garbage apis in between these chains.

Also kaspersky would just flag warning on the use openprocess api as "program trying to inject in the process", is there anything that can be done to avoid that, i think no.

talking about a pre compiled binary to be evaded, do u think stuffing garbage api call in between chains would evade it?
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Malware Analysis ldmd General Discussion 7 03-09-2025 18:42
Weird behavior in a patched program Doit General Discussion 4 02-23-2022 01:48
armadillo strange behavior drequinox General Discussion 0 02-11-2006 08:52
weird search behavior abitofboth General Discussion 0 01-30-2005 20:48


All times are GMT +8. The time now is 22:08.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )