Abstract
Malware can drop new files on the system, create new registry keys and values, initiate network connections, create new processes, insert new kernel modules, and so forth. Malware can also force/inject/insert itself into and modify existing running processes, including OS processes and the underlying kernel. But most of these techniques used by the malware for this are not the ones discovered or invented by malware attackers but are techniques used by many of the legitimate software, especially antimalware products.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Abhijit Mohanta, Anoop Saldanha
About this chapter
Cite this chapter
Mohanta, A., Saldanha, A. (2020). Code Injection, Process Hollowing, and API Hooking. In: Malware Analysis and Detection Engineering. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6193-4_10
Download citation
DOI: https://doi.org/10.1007/978-1-4842-6193-4_10
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-6192-7
Online ISBN: 978-1-4842-6193-4
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books