Product

Vmware Tools

2 briefs RSS

Persistence via Windows Installer (Msiexec)

Adversaries may establish persistence by abusing the Windows Installer (msiexec.exe) to create scheduled tasks or modify registry run keys, allowing for malicious code execution upon system startup or user logon.

Windows +21 persistence defense-evasion

3r 3t Sep 5, 2024

medium advisory

Potential Persistence via Time Provider Modification

2 rules 2 TTPs

Adversaries may establish persistence by registering and enabling a malicious DLL as a time provider by modifying registry keys associated with the W32Time service.

Windows +1 persistence privilege-escalation time-provider

2r 2t Jan 3, 2024