Search Evasion Techniques

Search Result

1 item(s) found so far for this keyword.

Process Reimaging (Process Manipulating)

The Windows operating system is inconsistent in how it determines the location of a process image FILE_OBJECT. This affects the ability of non-EDR (Endpoint Detection and Response) endpoint security solutions, such as Microsoft Defender Realtime Protection, to detect the correct binaries loaded in malicious processes.

This inconsistency has led McAfee’s Advanced Threat Research to develop a new post-exploitation evasion technique called “Process Reimaging”. This technique …
