TIL: The Process CommandLine is just the process own memory in | Malware News
TIL: The Process CommandLine is just the process own memory indicated by PEB->ProcessParameters->CommandLine->Buffer. Each process can freely change it, and easily fool all tools trying to read such value. Why anyone trusts it? 0gtweet