Many persistence methods can be found and detected by Autoruns from Sysinternals (also linked to VirusTotal).
A lesser-known and less detectable persistence method is the KeePass config file.

This is automated via the tool released by FireEye: https://github.com/fireeye/SharPersist
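
A defender-side check for the KeePass config file method mentioned above, as an added example that is not from the original post or from SharPersist: it lists every trigger defined in a KeePass config file so unexpected ones can be reviewed. The element names assume the usual KeePass 2.x `KeePass.config.xml` layout, and the sample XML with its placeholder values is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a KeePass.config.xml fragment (not from a real host).
# GUID values and the path are placeholders, not real KeePass identifiers.
SAMPLE_CONFIG = """<Configuration>
  <Application>
    <TriggerSystem>
      <Triggers>
        <Trigger>
          <Guid>TRIGGER-GUID-PLACEHOLDER</Guid>
          <Name>Constructed example trigger</Name>
          <Enabled>true</Enabled>
          <Events><Event><TypeGuid>EVENT-TYPE-PLACEHOLDER</TypeGuid></Event></Events>
          <Conditions />
          <Actions>
            <Action>
              <TypeGuid>ACTION-TYPE-PLACEHOLDER</TypeGuid>
              <Parameters>
                <Parameter>C:\\Example\\placeholder.exe</Parameter>
                <Parameter />
              </Parameters>
            </Action>
          </Actions>
        </Trigger>
      </Triggers>
    </TriggerSystem>
  </Application>
</Configuration>"""

def list_triggers(xml_text):
    """Return one dict per <Trigger> element found anywhere in the config."""
    root = ET.fromstring(xml_text)
    findings = []
    for trig in root.iter("Trigger"):
        actions = []
        for act in trig.iter("Action"):
            # Keep only non-empty parameters (command lines, paths, arguments).
            params = [p.text for p in act.iter("Parameter") if p.text]
            actions.append({"type": act.findtext("TypeGuid", ""), "params": params})
        findings.append({
            "name": trig.findtext("Name", ""),
            "enabled": trig.findtext("Enabled", "true").strip().lower() == "true",
            "events": [e.findtext("TypeGuid", "") for e in trig.iter("Event")],
            "actions": actions,
        })
    return findings

if __name__ == "__main__":
    for finding in list_triggers(SAMPLE_CONFIG):
        print(finding)
```

A config with no triggers returns an empty list, so any entry on a host where the user never configured triggers is worth reviewing.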