ID | E1569 |
Objective(s) | Execution |
Related ATT&CK Techniques | System Services (T1569) |
Version | 2.0 |
Created | 8 November 2021 |
Last Modified | 31 October 2022 |
Malware may abuse system services or daemons to execute.
See ATT&CK: System Services (T1569).
Name | ID | Description |
---|---|---|
MSDTC | E1569.m01 | The Distributed Transaction Coordinator (MSDTC) coordinates transaction across multiple resource managers (databases, message queues and file systems). This legitimate Microsoft service is part of Windows 2000 and later and can be used to import and load DLLs. Malware may abuse MSDTC to import and load DLLs.[1] |
[1] https://support.resolver.com/hc/en-ca/articles/207161116-Configure-Microsoft-Distributed-Transaction-Coordinator-MSDTC-