Image File Execution Options Injection: Debugger

This procedure makes a backup of the sethc.exe utility and modifies a registry key that configures an agent as a "debugger" for sethc.exe providing persistent backdoor access.
View Command

You must be logged in to view this TTPs command.


Test this TTP

Download Operator (1.7.1)