Malware Analysis

Malware Analysis

#evasive-malware
Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.
·trendmicro.com·
Earth Freybug Uses UNAPIMON for Unhooking Critical APIs