Analysing the Process Environment Block
The Process Environment Block is a critical structure in the Windows OS, most of its fields are not intended to be used by other than the operating system. I...
Recent Posts
VMUnprotect Call Hijacker for VMP: Part 2
Now what if… we make an program that does everything for us! At first I made my approach that tries to search for function 0x06000153 in this sample. Which a...
VMUnprotect Call Hijacker for VMP: Part 1
Hello fellow readers! This is my exploration of VMProtect security. It’s well-known Software Protection with a lot of features, the main ones are code mutat...