Read the original article: Jumping into Shellcode, (Mon, Mar 29th)
Malware analysis is exciting because you never know what you will find. In previous diaries[1], I already explained why it's important to look at groups of interesting Windows API calls to detect certain behaviors: a single call such as VirtualAlloc is harmless on its own, but the combination and order of calls tells you what the code is about to do. The classic example is code injection. Usually, it is based on something like this: