DLL Injection via CreateRemoteThread and LoadLibrary

Similar to a hook injection a process can insert a malicious DLL to be use by the system. This technique is one of the most common techniques used to inject malware into another process. The malware writes the path to its malicious dynamic-link library (DLL) in the virtual address space of another process, and ensures the remote process loads it by creating a remote thread in the target process.


Additional Resources

Subscribe to our Newsletter and don't miss important updates