
Uncover hidden malware with RunPE Detector



#1 TheSentinel


Posted 22 June 2015 - 06:39 PM

Uncover hidden malware with RunPE Detector
 
By Mike Williams
Published 2015-06-22
 
Malware uses many tricks to hide its process, and one of the most common is known as RunPE. Essentially this involves starting a known and trusted process -- Explorer.exe, say -- in a suspended state, replacing its code with the malware’s own, then starting it up. Even running something like Process Explorer won’t reveal any problems unless you look very, very closely.
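
An added example, not from the article and not RunPE Detector's own code: one check a defender can run for the technique described above is to compare PE header fields of the executable on disk with the header bytes read from the running process's memory. It assumes both byte strings were already collected by another tool; the function names and the sample headers are constructed for illustration.

```python
import struct

def pe_fingerprint(image: bytes) -> dict:
    """Read the PE header fields that should match between disk and memory."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER, 20 bytes
    machine, sections, timestamp = struct.unpack_from("<HHI", image, coff)
    opt = coff + 20                          # IMAGE_OPTIONAL_HEADER
    (entry_point,) = struct.unpack_from("<I", image, opt + 16)
    (size_of_image,) = struct.unpack_from("<I", image, opt + 56)
    # ImageBase is left out on purpose: the loader may rewrite it on relocation.
    return {"machine": machine, "sections": sections, "timestamp": timestamp,
            "entry_point": entry_point, "size_of_image": size_of_image}

def hollowing_indicators(disk: bytes, memory: bytes) -> list:
    """Return the names of header fields that differ; empty list means match."""
    on_disk = pe_fingerprint(disk)
    try:
        in_memory = pe_fingerprint(memory)
    except (ValueError, struct.error):
        return ["header_unreadable"]         # wiped or truncated header in memory
    return [name for name in on_disk if on_disk[name] != in_memory[name]]

def sample_header(timestamp, entry_point, size_of_image, sections=3) -> bytes:
    """Constructed minimal PE32 header for the demo, not a real executable."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)   # e_lfanew at 0x3C
    coff = struct.pack("<HHIIIHH", 0x14C, sections, timestamp, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, 0, 0, 0, entry_point)
    opt += bytes(36) + struct.pack("<I", size_of_image)   # SizeOfImage at +56
    return dos + b"PE\0\0" + coff + opt

if __name__ == "__main__":
    on_disk = sample_header(0x55000000, 0x1000, 0x20000)
    replaced = sample_header(0x40000000, 0x2345, 0x9000, sections=2)
    print(hollowing_indicators(on_disk, on_disk))      # same image in memory
    print(hollowing_indicators(on_disk, replaced))     # different image in memory
    print(hollowing_indicators(on_disk, bytes(64)))    # header wiped in memory
```

A mismatch is a lead for closer inspection rather than proof, since packers and some protection software also alter in-memory headers.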