Living Off the Land

Introduction

Windows Sysinternals

LOLBAS Project

File Operations

File Execution

Application Whitelisting Bypasses

Other Techniques

Real-life Scenario

Astaroth: Banking Trojan

Microsoft Discovers Fileless Malware Campaign Dropping Astaroth Info Stealer

Astaroth malware hides command servers in YouTube channel descriptions

Conclusion

GTFOBins - The Linux version of the LOLBAS project.
Astaroth: Banking Trojan - A real-life malware analysis where they showcase using the Living Off the Land technique used by Malware.

PreviousEvading Logging and Monitoring NextNetwork Security Evasion

Last updated 1 year ago