RAT Delivered Through FODHelper, (Thu, Sep 22nd)


I found a simple batch file that drops a Remcos[1] RAT through an old UAC Bypass technique. This technique is based on the "fodhelper" utility ("Features On Demand Helper"). Once launched, this tool will search for specific registry keys and, if present, will execute their content with high privileges.
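
A detection-side sketch of the behaviour described above, added here as an example and not taken from the original post: it flags any process created by fodhelper.exe and traces back what launched fodhelper in the first place. Field names follow Sysmon Event ID 1; the JSON-lines layout, the sample events and the assumption that fodhelper.exe has no legitimate child processes in the monitored environment are constructed for illustration.

```python
import json
from pathlib import PureWindowsPath

# Constructed sample: process-creation records (Sysmon Event ID 1 field names)
# as JSON lines. GUIDs, paths and command lines are made up for this example.
SAMPLE_EVENTS = r"""
{"ProcessGuid":"{A1}","ParentProcessGuid":"{A0}","Image":"C:\\Windows\\System32\\cmd.exe","ParentImage":"C:\\Windows\\explorer.exe","CommandLine":"cmd.exe /c C:\\Users\\alice\\Downloads\\invoice.bat","IntegrityLevel":"Medium"}
{"ProcessGuid":"{A2}","ParentProcessGuid":"{A1}","Image":"C:\\Windows\\System32\\fodhelper.exe","ParentImage":"C:\\Windows\\System32\\cmd.exe","CommandLine":"fodhelper.exe","IntegrityLevel":"High"}
{"ProcessGuid":"{A3}","ParentProcessGuid":"{A2}","Image":"C:\\Windows\\System32\\cmd.exe","ParentImage":"C:\\Windows\\System32\\fodhelper.exe","CommandLine":"cmd.exe /c C:\\Users\\alice\\AppData\\Local\\Temp\\sample-placeholder.exe","IntegrityLevel":"High"}
{"ProcessGuid":"{B1}","ParentProcessGuid":"{B0}","Image":"C:\\Windows\\System32\\fodhelper.exe","ParentImage":"C:\\Windows\\ImmersiveControlPanel\\SystemSettings.exe","CommandLine":"fodhelper.exe","IntegrityLevel":"High"}
{"ProcessGuid":"{C1}","ParentProcessGuid":"{A0}","Image":"C:\\Windows\\System32\\notepad.exe","ParentImage":"C:\\Windows\\explorer.exe","CommandLine":"notepad.exe","IntegrityLevel":"Medium"}
"""


def basename(path):
    """Lower-cased file name of a Windows path (image paths vary in case)."""
    return PureWindowsPath(path).name.lower()


def find_fodhelper_children(lines):
    """Return one alert per process whose parent image is fodhelper.exe."""
    events = [json.loads(line) for line in lines.splitlines() if line.strip()]
    by_guid = {e["ProcessGuid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e.get("ParentImage", "")) != "fodhelper.exe":
            continue
        # Walk one step up: the fodhelper instance, then whatever started it.
        # Either record may be missing from the log window, hence the defaults.
        fod = by_guid.get(e.get("ParentProcessGuid"), {})
        launcher = by_guid.get(fod.get("ParentProcessGuid"), {})
        alerts.append({
            "child": e["Image"],
            "child_cmdline": e.get("CommandLine", ""),
            "child_integrity": e.get("IntegrityLevel", "unknown"),
            "launched_fodhelper": fod.get("ParentImage", "unknown"),
            "launcher_cmdline": launcher.get("CommandLine", "unknown"),
        })
    return alerts


if __name__ == "__main__":
    for alert in find_fodhelper_children(SAMPLE_EVENTS):
        print(json.dumps(alert, indent=2))
```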
