← Back to Explore
T1574.005
Executable Installer File Permissions Weakness
Adversaries may execute their own malicious payloads by hijacking the binaries used by an installer. These processes may automatically execute specific binaries as part of their functionality or to perform other actions. If the permissions on the file system directory containing a target binary, or permissions on the binary itself, are improperly set, then the target binary may be overwritten with another binary using user-level permissions and executed by the original process. If the original p...
Windows
2
Detections
1
Sources
1
Threat Actors
BY SOURCE
2sigma
PROCEDURES (1)
Process Creation Monitoring2 detections
Auto-extracted: 2 detections for process creation monitoring