Another excellent publisher has offered up a generous sample of a book we’ve been talking about. This is Chapter 12 from Practical Malware Analysis – The Hands-on Guide to Dissecting Malicious Software. As usual, if you like this, go buy the full book and tell them how much you enjoyed it!
Chapter 12: Covert Malware Launching
As computer systems and users have become more sophisticated, malware, too, has evolved. For example, because many users know how to list processes with the Windows Task Manager (where malicious software used to appear), malware authors have developed many techniques to blend their malware into the normal Windows landscape, in an effort to conceal it.
This chapter focuses on some of the methods that malware authors use to avoid detection, called covert launching techniques. Here, you’ll learn how to recognize code constructs and other coding patterns that will help you to identify common ways that malware is covertly launched.