Bypassing Windows 10 UAC with mock folders and DLL hijacking
Tags
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID f915c92f-2783-4e82-bb92-2691070704bd
Fingerprint 1c8dad7dbb2554e6
Analysis status DONE
Considered CTI value 0
Text language
Published July 31, 2020, midnight
Added to db Jan. 18, 2023, 10:51 p.m.
Last updated Nov. 12, 2024, 6:45 p.m.
Headline Bypassing Windows 10 UAC with mock folders and DLL hijacking
Title Bypassing Windows 10 UAC with mock folders and DLL hijacking
Detected Hints/Tags/Attributes 29/1/7
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/bypassing-windows-10-uac-with-mock-folders-and-dll-hijacking/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
Attributes
Details Type #Events CTI Value
Details File 1 
winstat.exe
Details File 3 
d3d10.dll
Details File 7 
d3d11.dll
Details File 89 
version.dll
Details File 13 
profapi.dll
Details File 27 
computerdefaults.exe
Details File 117 
taskmgr.exe