Common Information
Type | Value |
---|---|
Value | optionalheader.dat |
Category | |
Type | File |
Misp Type | |
Description | |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-09-19 | 6 | Kernel-Land Malware Resurrection | ||
Details | Website | 2024-09-17 | 16 | Using syscalls to bypass User-land EDR hooks | ||
Details | Website | 2024-06-06 | 19 | [QuickNote] DarkGate – Make AutoIt Great Again | ||
Details | Website | 2023-07-16 | 12 | Code Injection Series — #6 — PE Injection (T1055.002) | ||
Details | Website | 2023-01-09 | 13 | [QuickNote] Another nice PlugX sample | ||
Details | Website | 2022-12-27 | 19 | Diving into a PlugX sample of Mustang Panda group | ||
Details | Website | 2022-11-25 | 9 | Dynamic Analysis of Windows Exploit Mitigations — Import Address Filtering. | ||
Details | Website | 2022-07-24 | 85 | Application Verifier Provider | ||
Details | Website | 2022-04-02 | 11 | Malware development tricks. Find kernel32.dll base: asm style. C++ example. | ||
Details | 2021-04-22 | 62 | MacProStorage-T3:4Work:Bitdefender-PR-Whitepaper-creat4279-en_EN:Bitdefender-PR-Whitepaper-creat4279-en_EN.indd | |||
Details | 2021-01-27 | 82 | Malware Analysis at Scale | |||
Details | Website | 2020-12-20 | 12 | Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader | ||
Details | Website | 2017-01-15 | 2 | Shellcode: Resolving API addresses in memory | ||
Details | Website | 2016-12-26 | 17 | Shellcode: A Windows PIC using RSA-2048 key exchange, AES-256, SHA-3 | ||
Details | Website | 2014-08-27 | 9 | PE injection explained - Sevagas |