Tag: $~ lloydlabs

Export Hashing (”exphash”), inspired by Mandiant’s imphash, is a SHA-256 hash of ordinal-ordered export names in PEs. Tracking DLLs which are used in search-order hijacking can sometimes be tricky. They may have a partial Export Address Table compromising of a…

Read more →

Export Hashing (”exphash”), inspired by Mandiant’s imphash, is a SHA-256 hash of ordinal-ordered export names in PEs. Tracking DLLs which are used in search-order hijacking can sometimes be tricky. They may have a partial Export Address Table compromising of a…

Read more →