A method for running 64-bit code in a 32-bit process. It is leveraged by cybercriminals to disguise malware and bypass security scanners to deliver a payload. The technique exploits a 64-bit handler embedded in a 32-bit Windows process for compatibility purposes. First described in the mid-2000s by a hacker under the pseudonym Roy G. Biv, it has been deployed in several malicious campaigns.