Abstract
Malware misuses and manipulates OS functionalities and features. A malware analyst needs to be aware of all of it. Operating systems and Windows internals are vast subjects, and we need not digest all of it. This chapter focuses on selective Windows operating system fundamentals, which are needed for a malware analyst. In this chapter, we cover system directories, objects, handles, and mutexes, and important system processes that are (mis)used by malware. We also look at Win32 APIs and system DLLs, which are commonly used by malware to perform malicious activities.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Abhijit Mohanta, Anoop Saldanha
About this chapter
Cite this chapter
Mohanta, A., Saldanha, A. (2020). Windows Internals. In: Malware Analysis and Detection Engineering. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6193-4_5
Download citation
DOI: https://doi.org/10.1007/978-1-4842-6193-4_5
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-6192-7
Online ISBN: 978-1-4842-6193-4
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books