FalconFriday — DLL hijacking & suspicious unsigned files

Post-Image

FalconFriday — DLL hijacking & suspicious unsigned files

  • By Henri Hambartsumyan
  • at November 6, 2020

In today’s edition, we’ll cover two techniques: privilege escalation through DLL hijacking and masquerading files as unsigned processes.

Today’s content

Privilege escalation through DLL hijacking.
Execution of unsigned files that are supposed to be signed.

Cross post from medium.com, please read the full article here:

https://medium.com/falconforce/falconfriday-dll-hijacking-suspicious-unsigned-files-0xff06-7b2c2a9dcae6

Direct link to our Github page:

https://github.com/FalconForceTeam/FalconFriday