Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-18 19:23:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Extract sus activity logging

Browse Source
This commit is contained in:
momo5502
2025-06-04 19:28:50 +02:00
parent 5609de9dde
commit 84e8e86b94
5 changed files with 31 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/windows-emulator/syscalls/thread.cpp
View File

@@ -26,7 +26,7 @@ namespace syscalls
if (info_class == ThreadHideFromDebugger)
{
c.win_emu.log.print(color::pink, "--> Hiding thread %X from debugger!\n", thread->id);
c.win_emu.callbacks.on_suspicious_activity("Hiding thread from debugger");
return STATUS_SUCCESS;
}
@@ -470,7 +470,7 @@ namespace syscalls
thread_context.access([&](CONTEXT64& context) {
if ((context.ContextFlags & CONTEXT_DEBUG_REGISTERS_64) == CONTEXT_DEBUG_REGISTERS_64)
{
c.win_emu.log.print(color::pink, "--> Reading debug registers!\n");
c.win_emu.callbacks.on_suspicious_activity("Reading debug registers");
}
cpu_context::save(c.emu, context);
@@ -509,7 +509,7 @@ namespace syscalls
if ((context.ContextFlags & CONTEXT_DEBUG_REGISTERS_64) == CONTEXT_DEBUG_REGISTERS_64)
{
c.win_emu.log.print(color::pink, "--> Setting debug registers!\n");
c.win_emu.callbacks.on_suspicious_activity("Setting debug registers");
}
return STATUS_SUCCESS;