Video Blog: Using DLL Persist to Avoid Detection

September 12, 2022

During an Incident Response case, the TrustedSec IR team came across a novel method used by an attacker to maintain access to the target’s servers. After gaining access to the systems, the attacker then modified a DLL required by a service to include malicious code. This video demonstrates a similar process for embedding malicious code into a benign DLL to create a method of persistence that is not easily detected

  • Browse by Category

  • Clear Form
incident response forensics

Have you recently experienced a security breach?

Our Incident Response team assists clients in determining the WHAT, HOW, and WHEN of a breach, while developing a plan and process to contain any damage.

Learn More