Tag
This brief details the use of rundll32.exe to create remote threads into other processes, a technique observed with malware like IcedID, enabling defense evasion, arbitrary code execution, privilege escalation, and data theft on Windows endpoints.