Re: Using ZwCreateFile to Launch embedded exe
- From: "Jay" <patelj27b@xxxxxxxxx>
- Date: 8 Dec 2006 10:56:09 -0800
This is going to be part of the security package that I am writing.
When it is executing, a user allows only the applications that they
want to execute. If any othe .exe tries to run that the user has not
allowed, then another .exe will execute in it's place. It is not
malware.
-Jay
(patelj27b at gmail dot com)
anton bassov wrote:
What a "driver that will replace a file that is executing with another
exe" is, apart from being just a piece of MALWARE???
Anton Bassov
.
Jay wrote:
Hey There,
I have some code that is written for a driver that will replace a
file that is executing with another exe. For most .exes it will work,
but for the executables that are, in essence, wrappers, like the
self-extracting zip file, will not work. What is different in the flow
of execution of a regular exe with one that is essentially just a
wrapper exe? Any information that can point me in the right direction
would be greatly appreciated!
-Jay
(patelj27b at gmail dot com)
.
- Follow-Ups:
- Re: Using ZwCreateFile to Launch embedded exe
- From: anton bassov
- Re: Using ZwCreateFile to Launch embedded exe
- References:
- Using ZwCreateFile to Launch embedded exe
- From: Jay
- Re: Using ZwCreateFile to Launch embedded exe
- From: anton bassov
- Using ZwCreateFile to Launch embedded exe
- Prev by Date: Re: Using ZwCreateFile to Launch embedded exe
- Next by Date: Re: DLL Differencing utility
- Previous by thread: Re: Using ZwCreateFile to Launch embedded exe
- Next by thread: Re: Using ZwCreateFile to Launch embedded exe
- Index(es):
Relevant Pages
|
