327 B
327 B
Code injection via KernelCallbackTable.
Simple process injection by spoofing the fnCOPYDATA
value in KernelCallbackTable
. C++ malware implementation example.
https://cocomelonc.github.io/tutorial/2022/01/24/malware-injection-15.html