---
url: "https://malwaretech.com/wiki/locating-modules-via-the-peb-x64"
title: "Locating Modules Via The PEB (Process Environment Block)"
image: "https://malwaretech.com/images/wiki/locating-modules-via-the-peb-x64/module_list_output.png"
---

# Locating Modules Via The PEB (Process Environment Block)

The PEB_LDR_DATA_TABLE is a table of information on loaded modules, which is pointed to by the PEB (process environment block). This table is often used by malicious code to find information without having to make any API calls, reducing the chance of detection and enabling position-independence.
