Blog | G5 Cyber Security

An Introduction to Image File Execution Options

Malware does not only check if there are debuggers active, but its also known to use the features IFEO has to offer to their own advantage. IFEO settings are stored in the Windows registry. Malwarebytes Anti-Malware checks the IFEO key for malicious entries, generically detects them as Security.Hijack or PUP.IFEO and is able to remove them. The intended use is for. debugging or for replacing applications, but using it as a means to simply stop the. executable from executing altogether has been common practice as well.”]

Source: https://blog.malwarebytes.com/101/2015/12/an-introduction-to-image-file-execution-options/

Exit mobile version