Title | Date | Author |
---|---|---|
APC Queue Code Injection | 05 May 2021 | Soufiane Fariss |
Injection techniques that rely on creating a remote thread in the target process to execute the shellcode can cause a huge increase in the malware confidence score, which raises a lot of suspicion among security products. These techniques also create a new thread, which adds a lot of overhead because new resources must be allocated to get the thread up and running.