![]() ![]() Loadable Kernel Modules (or LKMs) are pieces of code that can be loaded and unloaded into the kernel upon demand. Windows Management Instrumentation (WMI) is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components.įound a reference to a WMI query string known to be used for VM detection Adversaries may execute a binary, command, or script via a method that interacts with Windows services, such as the Service Control Manager.
0 Comments
Leave a Reply. |