Malware often obfuscate their API calls and dynamically resolve the needed API calls. It would be better if we can apply the function signature after we handle the obfuscation and rename the function to its actual name. This can be done either automatically from the core, automatically from the UI, or manually triggered.
Related to #3205
Malware often obfuscate their API calls and dynamically resolve the needed API calls. It would be better if we can apply the function signature after we handle the obfuscation and rename the function to its actual name. This can be done either automatically from the core, automatically from the UI, or manually triggered.
Related to #3205