& Hooking

From ema
Jump to navigation Jump to search
EMA ID: ema-1021
Description: Alter API behavior, for example by inserting JMP/JCC instruction(s) at start of API code or to redirect benign API to a critical one. Sometimes hooking is used to prevent memory dumps.


  • File Handling: File handling APIs are modified to make embedded files usable like external ones.

Associated Capabilities/Subcapabilities: Capability.png Anti-Behavioral Analysis

Associated With & Hooking
No results