Loads the RPC (Remote Procedure Call) module DLL
Adversaries may abuse PowerShell commands and scripts for execution.
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Input file contains API references not part of its Import Address Table (IAT)
Calls an API typically used to retrieve function address
Calls an API typically used to find a resource in a module
Calls an API typically used to load a resource in memory
Contains ability to modify process thread functionality (API string)
Contains ability to retrieve the fully qualified path of module (API string)
Contains ability to set/get the last-error code for a calling thread (API string)
Adversaries may execute malicious payloads via loading shared modules.
Calls an API typically used to load libraries
Adversaries may interact with the native OS application programming interface (API) to execute behaviors.