I remember a finding from @taviso where an AV emulated the Windows API and forwarded unknown API calls to the real API. Does anyone have a link?
Will Dormann Retweeted Tavis Ormandy
Will Dormann added,
6:37 AM - 19 Dec 2016