Tag

Ifeo

1 brief RSS

Image File Execution Options (IFEO) Injection for Persistence and Defense Evasion

Attackers can establish persistence and evade defenses by modifying the Debugger and SilentProcessExit registry keys to perform Image File Execution Options (IFEO) injection, allowing them to intercept file executions and run malicious code.

Elastic Defend +3 persistence defense-evasion registry ifeo windows

3r 2t Jan 3, 2024