Malware on *nix systems can overwrite argv[] to hide from sysadmins and analysts. This post demonstrates the technique, covers ways to hunt for the behavior, and links to real-world samples that use it.
*nix malware only
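One way to hunt for an overwritten argv[] on Linux, as an added example that is not code from the original post: compare the argv[0] a process reports in `/proc/<pid>/cmdline` with the binary the kernel records in `/proc/<pid>/exe`. The function names and the matching heuristic are assumptions made here; a mismatch is a lead to triage, since symlinked shells, multi-call binaries such as busybox, and daemons that rewrite their own title also differ.

```python
import os

DELETED = " (deleted)"  # suffix the kernel appends when the binary was unlinked

def argv0_mismatch(cmdline: bytes, exe: str) -> bool:
    """Return True when argv[0] does not name the running executable.

    cmdline: raw bytes of /proc/<pid>/cmdline (NUL-separated arguments)
    exe:     target of the /proc/<pid>/exe symlink ("" if unavailable)
    """
    if not exe:
        return False  # kernel thread or unreadable link: nothing to compare
    if exe.endswith(DELETED):
        exe = exe[:-len(DELETED)]
    exe_name = os.path.basename(exe)
    argv0 = cmdline.split(b"\0", 1)[0].decode(errors="replace")
    # Tolerate common benign forms: "nginx: master process ..." and "-bash".
    first = argv0.split(":", 1)[0].split(" ", 1)[0].lstrip("-")
    # An empty cmdline on a process that has an exe link also counts as a hit.
    return os.path.basename(first) != exe_name

def scan(proc: str = "/proc"):
    """Walk /proc and return (pid, exe, cmdline) for every mismatch."""
    hits = []
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(f"{proc}/{pid}/cmdline", "rb") as f:
                cmdline = f.read()
            exe = os.readlink(f"{proc}/{pid}/exe")
        except OSError:
            continue  # process exited, kernel thread, or no permission
        if argv0_mismatch(cmdline, exe):
            shown = cmdline.replace(b"\0", b" ").decode(errors="replace").strip()
            hits.append((int(pid), exe, shown))
    return hits

if __name__ == "__main__":
    # Run as root to read the exe link of processes owned by other users.
    for pid, exe, shown in scan():
        print(f"{pid}\texe={exe}\tcmdline={shown!r}")
```
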