The Key to Identify PsExec

Summary: In one way or another, PsExec - a wildly popular remote administration tool in the Microsoft SysInternals Suite - peeks its head in the wild. Threat actors tend to leverage PsExec for various reasons, such as executing programs on a remote host in a victim’s environment, or for more nefarious reasons, such as deploying ransomware. The focus of this blog is to bring attention to a relatively new method of identifying the source host…
Read More