Persistence via Windows Services
Windows Services are the main vehicle used by the Windows OS to start and run background functions that do not require user interaction. Configuring malware to run as a service is a common strategy for trying to blend malicious code execution in with other legitimate Windows functions. Prevent adversaries from gaining persistence in this course.
Already have an account? Sign In »
Module 1: APT41 Introduction
Module 2: Persistence via Windows Services
TA0003 Persistence is the general group of techniques used by an adversary to retain access to a compromised system in a way that should survive a reboot and other common disruptions to running processes. This course will explore the T1543 Create or Modify System Process technique, more specifically the .003 Windows Service sub-technique.
Apply what you learn and get the hands-on skills you need in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the threat group APT41 (aka Double Dragon). Prevent adversaries from accomplishing the tactic of persistence.
Technical Manager, Red Team
Complete this entire course to earn a Persistence via Windows Services Certificate of Completion