Process Hollowing

Pierluigi Paganini January 11, 2018
CSE Malware ZLab – Double Process Hollowing - The stealth process injection of the new Ursnif malware

A new variant of the infamous Ursnif malware has spread in the wild and adopts a new advanced evasion technique dubbed Double Process Hollowing. While the LockPos malware, famous for its new, incredibly advanced and sophisticated evasion technique, spread and affected many points of sale, another variant has spread in the wild and adopts a similar but […]