Tag: Malware Analysis

Several methods malware can hide itself on Windows

Introduction Back in the day of Windows 95, 98, and (ugh) ME, I vividly remember getting malware on my machine a handful of times. Each time usually involved the computer slowing down to a crawl, strange popup and error messages about files coming up which were usually DLLs, and just all around obvious and suspicious…


WINAPI Ordinals

If you view a PE file’s function imports, you may sometimes come across a bunch of nondescript numbers like so: These are simply function ordinals, which are ID numbers to Windows API function calls… In this case, we’re looking at Ws2_32.dll which houses Winsock functions. So, in a nutshell, these are socket create/connect/send/receive calls which…


Linked-List Demo via GetAdaptersInfo()

The linked-list is perhaps the most widely known and often-taught data structures to newbie coders. However, it, like many other newbie lessons in software, is often taught completely out of context… ie: struct LL_node{ int some_data; struct LL_node *next_node; }; or of course in a doubly-linked list, we have a previous_node pointer as well. But…