An Overview of WMI Hijacking Techniques in Modern Malware

Ruben Andrei CONDOR

October 28, 2020


The discovery of Stuxnet in 2010, followed by its in-depth analysis, uncovered several “industry firsts”, including hijacking of Windows Management Instrumentation (WMI) to enumerate users and spread to available network shares.

In the past decade, most malware has featured at least one technique to hijack WMI for persistence, discovery, lateral movement or defense evasion.

This whitepaper describes how WMI hijacking works and how it is used in several families of malware currently in existence.


Author


Ruben Andrei CONDOR

I'm a young and enthusiastic security researcher at Bitdefender. Fascinated by cyber attacks, and driven by out-of-the-box thinking, I seek to understand how malicious actors think and operate.
