AMSI Module In-Memory Patch
0x00 Abstract The 12th Jun 2019 I wrote a paper about the Anti-Malware Scan Interface technology. At this time, the objective was to dig into the AMSI internals in order to, firstly, understand how the technology works and, secondly, how it is possible to bypass AMSI by carrying out an in memory module function patching.
This paper will not provide more information about AMSI and the patch will be the same.