API BASED ANTI-DEBUGGING
- IsDebuggerPresent
- CheckRemoteDebuggerPresent
- OutputDebugString
- FindWindow
- Registry Key
- NtQueryInformationProcess (ProcessDebugPort)
- NtSetInformationThread Debugger Detaching
- Self Debugging with DebugActiveProcess
- NtQueryInformationProcess (ProcessDebugObjectHandle)
- OllyDbg OutputDebugString() Format String
- SeDebugPrivilege OpenProcess
- OllyDbg OpenProcess String Detection
- OllyDbg Filename Format String
DIRECT PROCESS AND THREAD BLOCK DETECTIONS
- IsDebuggerPresent Direct PEB
- IsDebuggerPresent Set/Check
- NtGlobalFlag
- Vista TEB System DLL Pointer
- PEB ProcessHeap Flag Debugger
- LDR_Module
HARDWARE AND REGISTER BASED DETECTION
- Hardware Breakpoints
- VMware LDT Register Detection
- VMware STR Register Detection
TIMING BASED DETECTIONS
- RDTSC
- NtQueryPerformanceCounter
- GetTickCount
- timeGetTime
MODIFIED CODE DETECTION
CRC Checking
EXCEPTION BASED DETECTION
- INT 3 Exception (0XCC)
- INT 2D (Kernel Debugger Interrupt)
- ICE Breakpoint
- Single Step Detection
- Unhandled Exception Filter
- CloseHandle
- Control-C Vectored Exception
- Prefix Handling
- CMPXCHG8B and LOCK
- OllyDbg Memory Breakpoint
- VMware Magic Port