Shop Our Merch Report A Breach 1-877-550-4728

Home > Resources > Blog > Video Blog: Using DLL Persist to Avoid Detection

Video Blog: Using DLL Persist to Avoid Detection

September 12, 2022

By Scott Nusbaum in Incident Response, Incident Response & Forensics

During an Incident Response case, the TrustedSec IR team came across a novel method used by an attacker to maintain access to the target’s servers. After gaining access to the systems, the attacker then modified a DLL required by a service to include malicious code. This video demonstrates a similar process for embedding malicious code into a benign DLL to create a method of persistence that is not easily detected

Have you recently experienced a security breach?

Our Incident Response team assists clients in determining the WHAT, HOW, and WHEN of a breach, while developing a plan and process to contain any damage.

Learn More

More Like This

What You Need to Know About SBOM

March 30, 2023

By Charles Yost in Incident Response, Incident Response & Forensics, Research

Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)

March 17, 2023

By Olivia Cate, Justin Elze, Nick Gilberti, Leo Bastidas, Robert R. Lee Jr., Andrew Schwartz, Carlos Perez and Oddvar Moe in Incident Response, Incident Response & Forensics, Purple Team Adversarial Detection & Countermeasures, Research, Vulnerability Assessment

Red vs. Blue: Kerberos Ticket Times, Checksums, and You!

March 14, 2023

By Andrew Schwartz in Incident Response, Incident Response & Forensics, Penetration Testing, Purple Team Adversarial Detection & Countermeasures, Threat Hunting