Uncover hidden malware with RunPE Detector

#1 TheSentinel


Posted 22 June 2015 - 06:39 PM

Uncover hidden malware with RunPE Detector
By Mike Williams
Published 2015-06-22
Malware uses many tricks to hide its process, and one of the most common is known as RunPE. Essentially this involves starting a known and trusted process -- Explorer.exe, say -- in a suspended state, replacing its code with the malware’s own, then starting it up. Even running something like Process Explorer won’t reveal any problems unless you look very, very closely.
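Because a RunPE'd process keeps the trusted file's name and path, one check a detector can make is to compare PE header fields of the file on disk with the header read back from the process's memory. The sketch below is an added example, not code from the article or from RunPE Detector (the article does not say how that tool works); the function names are hypothetical, the header bytes are constructed, and reading a live process's memory is left out.

```python
import struct

# Header fields the Windows loader leaves untouched in memory. ImageBase is
# excluded on purpose: the loader rewrites it when ASLR relocates the image.
def pe_fields(image: bytes) -> dict:
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0" or len(image) < e_lfanew + 84:
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4              # IMAGE_FILE_HEADER (20 bytes)
    opt = coff + 20                  # IMAGE_OPTIONAL_HEADER
    nsections, timestamp = struct.unpack_from("<HI", image, coff + 2)
    (entry,) = struct.unpack_from("<I", image, opt + 16)
    (size_of_image,) = struct.unpack_from("<I", image, opt + 56)
    return {"NumberOfSections": nsections, "TimeDateStamp": timestamp,
            "AddressOfEntryPoint": entry, "SizeOfImage": size_of_image}

def hollowing_indicators(disk: bytes, memory: bytes) -> list:
    """Return one finding per header field that differs between disk and memory."""
    on_disk = pe_fields(disk)
    try:
        in_mem = pe_fields(memory)
    except ValueError as exc:        # header wiped or overwritten in the process
        return [f"in-memory header unreadable: {exc}"]
    return [f"{k}: disk={on_disk[k]:#x} memory={in_mem[k]:#x}"
            for k in on_disk if on_disk[k] != in_mem[k]]

def make_header(entry, size_of_image, timestamp, nsections) -> bytes:
    """Build a constructed, minimal PE32+ header page for the demo."""
    buf = bytearray(0x200)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)          # e_lfanew
    buf[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<HHI", buf, 0x84, 0x8664, nsections, timestamp)
    struct.pack_into("<H", buf, 0x98, 0x20B)         # PE32+ magic
    struct.pack_into("<I", buf, 0x98 + 16, entry)
    struct.pack_into("<I", buf, 0x98 + 56, size_of_image)
    return bytes(buf)

# Constructed sample data, not taken from any real binary.
DISK = make_header(0x1A2B0, 0x4C000, 0x55000000, 6)
HOLLOWED = make_header(0x1000, 0x9000, 0x55881234, 3)

if __name__ == "__main__":
    for name, mem in (("untouched", DISK), ("hollowed", HOLLOWED)):
        print(name, hollowing_indicators(DISK, mem) or "header matches disk")
```

A matching header is only one signal and does not by itself show that the process image is untouched.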