Scribd Logo
Upload

Welcome to Scribd!

  • IoC Investigation

    Uploaded by

    Sergio Maldonado
    7 views2 pages
    This file uses credential dumping and process injection to gain unauthorized access to sensitive user information and escalate privileges on infected systems. It also checks for antivirus software and firewall configurations to evade detection while scanning for open applications to profile the user environment. Compromising security measures in this way could expose users to malware and the theft of usernames, passwords or other private data without their knowledge.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This file uses credential dumping and process injection to gain unauthorized access to sensitive user information and escalate privileges on infected systems. It also checks for antivirus software and firewall configurations to evade detection while scanning for open applications to profile the user environment. Compromising security measures in this way could expose users to malware and the theft of usernames, passwords or other private data without their knowledge.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    7 views2 pages

    IoC Investigation

    Uploaded by

    Sergio Maldonado
    This file uses credential dumping and process injection to gain unauthorized access to sensitive user information and escalate privileges on infected systems. It also checks for antivirus software and firewall configurations to evade detection while scanning for open applications to profile the user environment. Compromising security measures in this way could expose users to malware and the theft of usernames, passwords or other private data without their knowledge.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 2

    IoC Investigation

    This file uses Credential Dumping in order to gain a better credential for files. With more
    credentials, it could have access to more usernames and/or passwords. That could lead to a
    rabbit hole of problems for the unaware user, especially if it pertains to sensitive information.

    This file also sees if any anti-virus program is implemented. Also how well it's implemented. It
    can change the configuration of the firewall without the user's input. This could be like a
    faux-safety thing in the user's eye. They may think they have a great firewall that's active, but
    since it's been compromised, the user is letting in more harm than keeping it away.
    This file attempts to help the attacker find the environment you're in through Application Window
    Discovery. It basically tries to show what open applications are running, or ran to see how the
    computer is being used.

    This file also attempts Privilege Escalation through process injection. This is bad because the
    attacker can put in a malicious code, while a program is running. What this does is potentially
    bypass the security detection because its already being run as a trusted process.

    You might also like