Beyond good ol’ Run key, Part 32

September 12, 2015 in Anti-Forensics, Autostart (Persistence), Compromise Detection, Forensic Analysis, Malware Analysis

Updated 2018-12-15

Here are some more persistence tricks combined into a single post. I normally don’t post links, but sometimes it really makes sense and here is one of such cases. The below is a list of links covering many interesting persistence mechanisms that popped up on my radar and I don’t want to write about them in separate blog entries as others already did a great job researching and covering them – lots of very interesting concepts covered here:


After I posted this entry redp (author of blog) pinged me (thanks!) to add one more item I missed:

Update 2016

One more entry from the Adapt Forward web site:

Update 2017

  • Turns out the Netshell helper DLLs have been already discussed online in 2010 and 2013 (Thx Stefan K.)

Update 2017 #2

Update 2017 #3

Comments are closed.