Brad Spengler
Brad Spengler
You would almost certainly need a private API account for VT for this to work reliably, with the one built into Cuckoo or even an Intelligence API account, you would...
This would require an associated change in cuckoomon to report the previous value on each modification. I'll look into it, thanks.
Cuckoomon currently logs all exceptions, even those that are handled. It's possible that the issue is unrelated to the exceptions reported.
You could try a binary-search strategy removal of hooks until the problem disappears. Or perhaps begin with setting the DISABLE_HOOK_CONTENT define in ntapi.h to 1 (to see if the issue...
Very odd, as DISABLE_HOOK_CONTENT will still result in the hook being placed and none of the changes made today affected 64-bit hooking ;)