by matporec | Jun 8, 2023 | File Extentions Tips
Actors leveraged the legitimate w3wp.exe process on the IIS server to write malicious DLL files and evade detection. Some of the analyzed samples can load additional libraries; enumerate the system, processes, files, directories ; and write files. One other thing to...