QBot malware abuses Windows WordPad EXE to infect devices

The WordPad programme for Windows 10 contains a DLL hijacking vulnerability that the QBot malware operation has started to use to infect machines while avoiding detection by security products.

A DLL is a library file that contains routines that can be used concurrently by many programmes. An application will make an effort to load any necessary DLLs when it is launched. It accomplishes this by looking through specified Windows folders for the DLL and loading it when it is discovered. However, DLLs in the same location as the executable will be loaded first by Windows programmes, taking precedence over all other DLLs.

QBot malware abuses Windows WordPad EXE to infect devices

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

QBot malware abuses Windows WordPad EXE to infect devices

27-May-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address