Modifies auto-execute functionality by setting/creating a value in the registryĪdversaries may use bootkits to persist on systems. Adversaries may use the Windows Component Object Model (COM) for local code execution.Īdversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code.Īdversaries may abuse the Windows Task Scheduler to perform task scheduling for initial or recurring execution of malicious code.Īdversaries may abuse the Windows service control manager to execute malicious commands or payloads.Īdversaries may directly interact with the native OS application programming interface (API) to execute behaviors.Īdversaries may abuse shared modules to execute malicious payloads.Īdversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |