- Volume 6 Issue 3
Recently the Personal Computer hacking and game hacking for the purpose of gaining an economic profit is increased in Windows system. Malicious code often uses methods which inject dll or code into memory in target process for using covert channel for communicating among them, bypassing secure products like personal firewalls and obtaining sensitive information in system. This paper analyzes the technique for injecting and executing code into memory area in target process. In addition, this analyzes the PE format and IMPORT table for extracting injected dll in running process in affected system and describes a method for extracting and analyzing explicitly loaded dll files related with running process. This technique is useful for finding and analyzing infected processes in affected system.