What’s new in Windows Defender ATP Fall Creators Update

Discussion in 'other anti-malware software' started by ronjor, Jun 27, 2017.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Very interesting article, this also shows how sneaky "reflective DLL loading" really is.

    Windows Defender ATP seems to be a pretty decent tool. :thumb:
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I have a test user mode DoublePulsar reflective loader I can point anyone to if they want to test WD ATP using it. It doesn't physically inject the memory of the targeted process. Rather it hooks a thread into the targeted process and runs the .dll from the attack process.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.