hasherezade / pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
https://hshrzd.wordpress.com/pe-sieve/
BSD 2-Clause "Simplified" License
2.97k stars, 420 forks

KERNEL32.VirtualProtectStub IAT hook Does not detect #98

Closed (maskelihileci closed 2 years ago)

maskelihileci commented 2 years ago

[Two attached images, not preserved]

maskelihileci commented 2 years ago

Problem solved, thanks again for your attention.

hasherezade commented 2 years ago

@maskelihileci - check out the new release: https://github.com/hasherezade/pe-sieve/releases/tag/v0.3.3