research

RunDLL32.exe Obscurity

Sunday, May 2, 2021 by Admin research, tools

RunDLL Wierdness While working on building a couple new simulation modules for ATTACKIFY, we came across an interesting feature within rundll32.exe. When creating some test DLL files we created exported functions with the following names: So at this point our DLL has two exported functions named MyFunction and MyFunctionA (this was originally just testing). The first function, MyFunction could contain potentially malicious code, however in this case it only displays a message box to indicate where you are in the execution.

Continue Reading

Contact Us

Interested to find out more about ATTACKIFY?

Contact