Zero Day Initiative — Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
Tags
attack-pattern: Data File Deletion - T1070.004 File Deletion - T1630.002 Impersonation - T1656 Malicious File - T1204.002 Tool - T1588.002 Vulnerabilities - T1588.006 File Deletion - T1107
Show in Graph
Common Information
Type Value
UUID 6ef2286e-0023-429c-87d4-b3cf17670158
Fingerprint 9a91895d29ec57d3
Analysis status DONE
Considered CTI value 2
Text language
Published July 30, 2024, midnight
Added to db Aug. 31, 2024, 10:35 a.m.
Last updated Nov. 16, 2024, 12:12 p.m.
Headline Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
Title Zero Day Initiative — Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
Detected Hints/Tags/Attributes 39/1/11
Source URLs
Redirection Url
Details Source https://www.thezdi.com/blog/2024/7/30/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-2
URL Provider
Details Provider Source level domain
Details thezdi.com www.thezdi.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 400 Zero Day Initiative - Blog https://www.zerodayinitiative.com/blog/?format=rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 2 
cve-2024-0353
Details CVE 2 
cve-2024-7238
Details CVE 2 
cve-2024-7227
Details CVE 2 
cve-2024-7234
Details CVE 2 
cve-2024-7240
Details CVE 2 
cve-2024-4454
Details File 53 
ekrn.exe
Details File 5 
c:\config.msi
Details File 1 
c:\lpe pointing to \basenamedobjects\restricted\    watch as  c:\config.msi
Details File 3 
eamonm.sys
Details File 7 
sbamsvc.exe