There's some really cool research coming from @dtmsecurity.... Keep an eye on the @MDSecLabs blog for more info
I found an interesting #LOLBIN using Windows Update Client (wuauclt.exe) as a loader - blog, pull request to LOLBAS and in the wild sample here dtm.uk/wuauclt/ - I am hoping to finalise some of my work on the methodology I used soon @MDSecLabs so keep your eyes posted.
3
4
49
Thanks for the information buddy, suspected it had not been there in earlier versions but did not do much digging ๐
8:28 AM ยท Oct 13, 2020
1
0
2
GIF


