all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

rundll32 DavSetCookie Command - What is normal?

Add to bookmarks
March 2, 2024, 2:44 a.m. | /u/DutifulEagle43

cybersecurity www.reddit.com

So this is something I’ve seen used numerous times for malicious use, and I was wondering if there are cases where the same activity is legitimate - and if so, how often?

What I’ve seen is svchost being utilized to give a computer access to remote resources, with the command line [C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient]. What usually spawns next is rundll32.exe, running the command line [rundll32.exe C:\WINDOWS\system32\davclnt.dll,DavSetCookie @ http://address/].

Usually this rundll32.exe command contains the IP address, port, …

address cases command cybersecurity ip address malicious normal port rundll32 what is

Visit resource

More from www.reddit.com / cybersecurity

The Risks of Scattered Logs and Why Centralised SIEM Is Better for Security 4 hours ago | www.reddit.com
companies cybersecurity event event management +21
How-To Install and Setup: Azure Arc, (AMA) Azure Monitor Agent and (DCR) Data Collection Rules … 6 hours ago | www.reddit.com
agent ama arc article +28
Iranian hackers pose as journalists to push backdoor malware 7 hours ago | www.reddit.com
backdoor cybersecurity hackers iranian +3
How deep into certifications should you go at “entry level?” 8 hours ago | www.reddit.com
administration certifications cybersecurity entry +10
Is SOC 2 Report Sufficient for Vendor Risk Management? 15 hours ago | www.reddit.com
application cybersecurity deployment friends +18
Attackers Employ Microsoft Graph API to Evade Detection 17 hours ago | www.reddit.com
api attackers cybersecurity detection +4
Cybersecurity Stash: Your One-Stop Directory for Security Tools and Resources! 17 hours ago | www.reddit.com
cybersecurity directory hey hub +6
I think I blew my last interview 20 hours ago | www.reddit.com
cybersecurity hello interview interviewing +4
On a scala of 0-10 how severe would you rate database credentials (root) in a … 1 day, 1 hour ago | www.reddit.com
attachments code credentials cybersecurity +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Officer

@ eSimplicity | Remote
View on infosec-jobs.com

Senior - Automated Cyber Attack Engineer

@ Deloitte | Madrid, España
View on infosec-jobs.com

Public Key Infrastructure (PKI) Senior Engineer

@ Sherwin-Williams | Cleveland, OH, United States
View on infosec-jobs.com

Consultant, Technology Consulting, Cyber Security - Privacy (Senior) (Multiple Positions) (1502793)

@ EY | Chicago, IL, US, 60606
View on infosec-jobs.com

Principal Associate, CSOC Analyst

@ Capital One | McLean, VA
View on infosec-jobs.com

Real Estate Portfolio & Corporate Security Lead

@ Lilium | Munich
View on infosec-jobs.com
View more jobs