Posted by Stefan Kanthak on Dec 18

Hi @ll,

this post is a shortened version of
<https://skanthak.homepage.t-online.de/detour.html>

With Windows 2000 and Windows XP, Microsoft introduced the functions
SystemFunction035() alias RtlCheckSignatureInFile(),
SystemFunction036() alias RtlGenRandom(),
SystemFunction040() alias RtlEncryptMemory(), and
SystemFunction041() alias RtlDecryptMemory() in ADVAPI32.dll

Note: RtlCheckSignatureInFile() was never documented, it has the…
Read More – Full Disclosure


By |2020-12-23T23:43:49-05:00December 23rd, 2020|