RunPE Overview

Most hackers use remote access Trojans (RATs) and they almost always use the RunPE method. This method generates a legitimate process executable (PE) file, so this is often the default browser or Microsoft system process, and replaces it with malicious code directly in memory. This allows the computer to process malicious code as a legitimate process. As soon as this happens, your antivirus program does not know that your browser is effectively turned into a virus by default.

You can find more detailed information about RunPe in this article.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.