Q & A
United States Army Cyber Institute
at USMA West Point
(C, C++, Python, etc.)
Develop Dispatcher & Main()
Presentation
JSON Parser
Publish Research Paper
Malware Family Research
What is Malware?
Malware Attribution Process
Process Injection -
sourced from: Hosseini, Ashkan
https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process, 18 July 2017
- Creates Process
- send and open
- Inject Data
- via DLL, code, process, etc
- Transfer to Process
- Execute
Process Fork()
- System call that creates a new process
- Takes no arguments
- Returns the process ID of the child process
- After the process is created, both the parent and child processes continue execution simultaneously from the next instruction
cat 1.json | jq '.behavior.processes[1].calls[].api' > trend.txt
"ldrloadDll"
"ntterminateprocess"
"ntreadfile"
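The same extraction in Python, extended to walk every process in a report and to count ordered API pairs, as an added example that is not code from the original presentation. The report layout (behavior.processes[].calls[].api) is taken from the jq filter above; the sample report, process names and function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample in the layout the jq filter above implies
# (behavior.processes[].calls[].api); not data from the presentation.
SAMPLE_REPORT = json.dumps({
    "behavior": {"processes": [
        {"process_name": "loader.exe", "calls": [{"api": "NtReadFile"}]},
        {"process_name": "sample.exe", "calls": [
            {"api": "LdrLoadDll"}, {"api": "NtReadFile"},
            {"api": "NtReadFile"}, {"api": "NtTerminateProcess"}]},
        {"process_name": "empty.exe"},  # no "calls" key: must not crash
    ]}
})


def api_calls(report, index=None):
    """Return API names in call order, lowercased for case-insensitive comparison.

    index=None walks every process; an int selects one process, as
    .behavior.processes[1] does in the jq filter.
    """
    processes = report.get("behavior", {}).get("processes", [])
    if index is not None:
        processes = processes[index:index + 1]  # empty if out of range
    names = []
    for proc in processes:
        for call in proc.get("calls", []):
            api = call.get("api")
            if isinstance(api, str):
                names.append(api.lower())
    return names


def fingerprint(names, n=2):
    """Count API n-grams so the result reflects call order, not just presence."""
    grams = zip(*(names[i:] for i in range(n)))
    return Counter(" > ".join(g) for g in grams)


if __name__ == "__main__":
    report = json.loads(SAMPLE_REPORT)
    calls = api_calls(report, index=1)
    print("\n".join(calls))
    for gram, count in fingerprint(calls).most_common():
        print(count, gram)
```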
Malware
Fingerprints
Ziyang Malware -
December 2021 - April 2022
January 2022 - April 2022
www.paramehta.com