Rundll32: The Infamous Proxy for Executing Malicious Code

Take a deeper dive into an often abused Microsoft-signed tool, the infamous rundll32.exe, which allows adversaries to execute malicious code during their offensive operations through a technique which we explain in detail

Rundll32: The Infamous Proxy for Executing Malicious Code

The Windows Process Journey: by Dr. Shlomi Boutnaru, PDF, Windows Registry

Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike – Sophos News

Microsoft experts linked Raspberry Robin malware to Evil Corp

4 malicious campaigns, 13 confirmed victims, and a new wave of APT41 attacks

Rundll32: The Infamous Proxy for Executing Malicious Code

Virus Bulletin on X: The Cybereason Blue Team describe how Microsoft's rundll32.exe tool, which allows code to be loaded and executed, is often used by adversaries during their offensive operations. /

Swedish Windows Security User Group » ransomware

Rundll32 Injected with mining malware - Microsoft Community

Rundll32: The Infamous Proxy for Executing Malicious Code

Second Windows 7 beta UAC security flaw: malware can silently self-elevate with default UAC policy