all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

rundll32 DavSetCookie Command - What is normal?

Add to bookmarks
March 2, 2024, 2:44 a.m. | /u/DutifulEagle43

cybersecurity www.reddit.com

So this is something I’ve seen used numerous times for malicious use, and I was wondering if there are cases where the same activity is legitimate - and if so, how often?

What I’ve seen is svchost being utilized to give a computer access to remote resources, with the command line [C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient]. What usually spawns next is rundll32.exe, running the command line [rundll32.exe C:\WINDOWS\system32\davclnt.dll,DavSetCookie @ http://address/].

Usually this rundll32.exe command contains the IP address, port, …

address cases command cybersecurity ip address malicious normal port rundll32 what is

Visit resource

More from www.reddit.com / cybersecurity

Sensitive Information Inadvertently Exposed by Publicly Traded Company 2 hours ago | www.reddit.com
can clients code cybersecurity +14
Mentorship Monday - Post All Career, Education and Job questions here! 5 hours ago | www.reddit.com
advice ask asking career +13
Terrible interview process 8 hours ago | www.reddit.com
architect cutting cybersecurity endpoint +13
SecurityHeaders.org 10 hours ago | www.reddit.com
client cybersecurity download found +14
Is the CIA Triad created equal in practice? 11 hours ago | www.reddit.com
aspect availability cia confidentiality +10
How do you address your EDR platform when you aren’t receiving many true positives? 12 hours ago | www.reddit.com
address alerts behavior cybersecurity +8
What are some popular news or security content creators you guys follow to keep up … 12 hours ago | www.reddit.com
articles content creators creators cybersecurity +5
Looking for con suggestions that are mostly for skilled people not for vendors/management 14 hours ago | www.reddit.com
con corporate cybersecurity doing +7
How to effectively track security exceptions in mid-sized startup? 14 hours ago | www.reddit.com
aws basic cybersecurity database +19

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com