Filldocuments kryak

5/25/2023

Process injection is a method of executing arbitrary code in the address space of a separate live process.

Found a string that may be used as part of an injection method

Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.

Installs hooks/patches the running process

Windows processes often leverage application programming interface (API) functions to perform tasks that require reusable system resources.

Microsoft Office is a fairly common application suite on Windows-based operating systems within an enterprise network.

Contains embedded VBA macros with keywords that indicate auto-execute behavior

Contains embedded VBA macros (normalized)

Adversaries may execute a binary, command, or script via a method that interacts with Windows services, such as the Service Control Manager.

An adversary may rely upon specific actions by a user in order to gain execution.

Contains embedded VBA macros with interesting strings

Contains embedded VBA macros with suspicious keywords