all InfoSec news
rundll32 DavSetCookie Command - What is normal?
March 2, 2024, 2:44 a.m. | /u/DutifulEagle43
cybersecurity www.reddit.com
What I’ve seen is svchost being utilized to give a computer access to remote resources, with the command line [C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient]. What usually spawns next is rundll32.exe, running the command line [rundll32.exe C:\WINDOWS\system32\davclnt.dll,DavSetCookie @ http://address/].
Usually this rundll32.exe command contains the IP address, port, …
address cases command cybersecurity ip address malicious normal port rundll32 what is
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Senior Security Officer
@ eSimplicity | Remote
Senior - Automated Cyber Attack Engineer
@ Deloitte | Madrid, España
Public Key Infrastructure (PKI) Senior Engineer
@ Sherwin-Williams | Cleveland, OH, United States
Consultant, Technology Consulting, Cyber Security - Privacy (Senior) (Multiple Positions) (1502793)
@ EY | Chicago, IL, US, 60606
Principal Associate, CSOC Analyst
@ Capital One | McLean, VA
Real Estate Portfolio & Corporate Security Lead
@ Lilium | Munich