Therefore, many security tools also use API hooking to track the malware.
Simplicity and originality
“With UNAPIMON, things are different.
As a result, it successfully evades antivirus detection.
This also displayed the coding prowess and creativity of the malware writer.”
“In typical scenarios, it is the malware that does the hooking.
However, it is the opposite in this case.”
Using Microsoft Detours in this regard has other benefits, too, the researchers explained.
As this is a legitimate debugging tool, it even evades behavioral detection.
In its writeup, BleepingComputer described Winnti hackers as known for their novel methods of evading detection when conducting attacks.