https://baseaddress.org/re/beginner-malware-analysis/Recent content in Beginner Malware Analysis on baseaddress.orgHugoen-usMon, 18 May 2026 00:00:00 +1100https://baseaddress.org/re/beginner-malware-analysis/ma-is-debugger-present/Mon, 18 May 2026 00:00:00 +1100https://baseaddress.org/re/beginner-malware-analysis/ma-is-debugger-present/A first look at anti-debugging: how a program detects an attached debugger via the IsDebuggerPresent Win32 API.https://baseaddress.org/re/beginner-malware-analysis/ma-is-debugger-present-workaround/Mon, 18 May 2026 00:00:00 +1100https://baseaddress.org/re/beginner-malware-analysis/ma-is-debugger-present-workaround/The cat-and-mouse next move: detecting a debugger without ever calling IsDebuggerPresent, so common hook-based bypasses (ScyllaHide etc.) miss it.