New Unprotect Delphi Code Snippet added for technique Process Hollowing, RunPE
with support of both x86-32 and x86-64 in a single code.
New Unprotect Delphi Code Snippet added for technique ProcEnvInjection - Remote code injection by abusing process environment strings
for both x86-32 and x86-64.
New Unprotect Delphi Code Snippet added for technique DLL Injection via CreateRemoteThread and LoadLibrary
with both support of x86-32 and x86-64.
This technique is often used by Malware to hide their presence on system after execution. The application self-delete after the end of its execution. The best method to archive a such goal is through process injection.
Read more...