Hashtag: #DefenseEvasion
LOLBin Attacks Explained

~Anyrun~
Threat actors abuse legitimate Windows binaries (e.g., rundll32, certutil) to execute malicious code and evade detection.
-
IOCs: (None identified)
-
#DefenseEvasion #LOLBin #ThreatIntel

Recent #Xworm infections (esp. during tax season) follow a pattern:
mshta.exe → Scheduled Tasks → IEX execution.

#ThreatHunting #DetectionEngineering #MalwareAnalysis #DefenseEvasion

Abusing Windows COM objects for stealthy execution?

Use 'MMC20.Application' to execute commands outside direct process lineage tracking.

Works well against naive EDR correlation.

#RedTeam #DefenseEvasion #infosec #Cybersecurity #EDR
