season-lab / bluepill

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
GNU Lesser General Public License v3.0

PEB patching with Wow64 support #3

Closed dcdelia closed 4 years ago

dcdelia commented 4 years ago

Added PEB64 code from internal repository. Tested against Al-Khaser.