Memory Injections - CompTIA Security+ SY0-701 - 2.3


Understanding Malware Execution in Memory

How Software Operates in Memory

  • All software on a computer operates within memory: a program must be loaded from disk into memory before the CPU can execute it.
  • Malware must also get into memory to function, and it does so by way of the same building blocks as other software, such as DLLs (Dynamic-Link Libraries), threads, and buffers.

Methods of Malware Execution

  • Malware can either run as an independent process or inject itself into an existing process in memory.
  • Injection allows malware to evade detection by anti-malware tools and gain the same permissions as the host process, potentially leading to privilege escalation.

Common Techniques: DLL Injection

  • One prevalent method of malware injection is DLL injection, in which a malicious DLL is loaded into a legitimate process so that its code runs as part of that process.
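
From the defender's side, both behaviours described above (a DLL appearing inside a legitimate process, and one process starting code in another) leave traces in endpoint telemetry. The following is an added example, not material from the video or course notes: it triages records shaped like Sysmon image-load (Event ID 7) and CreateRemoteThread (Event ID 8) events. The sample events, the list of user-writable directories and the allowlist are constructed assumptions.

```python
# Added example: triage Sysmon-style events for signs of DLL injection.
# All events below are constructed sample data, not captured logs.
from pathlib import PureWindowsPath

# Assumption: directories a standard user can write to; tune per environment.
USER_WRITABLE = ("\\users\\", "\\windows\\temp\\", "\\programdata\\")
# Assumption: processes expected to create remote threads (hypothetical allowlist).
REMOTE_THREAD_ALLOWLIST = {"c:\\windows\\system32\\csrss.exe"}

SAMPLE_EVENTS = [
    {"EventID": 7, "Image": r"C:\Windows\explorer.exe",
     "ImageLoaded": r"C:\Windows\System32\shell32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"EventID": 7, "Image": r"C:\Windows\explorer.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\helper.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"EventID": 8, "SourceImage": r"C:\Users\alice\Downloads\setup.exe",
     "TargetImage": r"C:\Windows\explorer.exe"},
    {"EventID": 8, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\svchost.exe"},
]

def suspicious_image_load(ev):
    """Unsigned or invalidly signed DLL loaded from a user-writable path."""
    path = ev["ImageLoaded"].lower()
    trusted = ev.get("Signed") == "true" and ev.get("SignatureStatus") == "Valid"
    return path.endswith(".dll") and not trusted and any(d in path for d in USER_WRITABLE)

def suspicious_remote_thread(ev):
    """One process starting a thread inside a different process."""
    src, dst = ev["SourceImage"].lower(), ev["TargetImage"].lower()
    return src != dst and src not in REMOTE_THREAD_ALLOWLIST

def triage(events):
    """Return (host process name, reason) for each event worth investigating."""
    findings = []
    for ev in events:
        if ev["EventID"] == 7 and suspicious_image_load(ev):
            host = PureWindowsPath(ev["Image"]).name
            findings.append((host, "untrusted DLL loaded: " + ev["ImageLoaded"]))
        elif ev["EventID"] == 8 and suspicious_remote_thread(ev):
            host = PureWindowsPath(ev["TargetImage"]).name
            findings.append((host, "remote thread from: " + ev["SourceImage"]))
    return findings

if __name__ == "__main__":
    for host, reason in triage(SAMPLE_EVENTS):
        print(f"{host}: {reason}")
```

Each finding names the host process, because an injected DLL or thread runs with that process's permissions; findings against highly privileged hosts deserve the earliest attention.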

Video description

Attackers can manipulate information in RAM to gain elevated access. In this video, you'll learn how memory and DLL injections are used in an attack.

Security+ Training Course Index: https://professormesser.link/701videos
Professor Messer’s Course Notes: https://professormesser.link/701notes