Demo
Share
 
 
 
 
 
 
 
 
 

Technique T1574

Hijack Execution Flow

This is Hijack Execution Flow’s first appearance in the Threat Detection Report, and its prevalence is due to threats leveraging its DLL Search Order Hijacking sub-technique, which made the list in 2020.

#10

Technique rank

8.4%

Organizations affected

859

Confirmed threats
Prevalent Sub-techniques
T1574.001
DLL Search Order Hijacking
DLL Search Order Hijacking

#5

Sub-technique rank

7.8%

organizations affected

846

confirmed threats

Ranking fifth among sub-techniques, DLL Search Order Hijacking is popular among adversaries because it allows them to introduce malicious binaries in a way that can be exceedingly difficult to detect.

SEE MORE

Definition

T1036: Masquerading
"Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names."
Match Legitimate Name or Location
DLL Search Order Hijacking
 

See what it's like to have a partner in the fight.

Experience the difference between a sense of security and actual security.
Demo
Download the report

All 2021 Threat Detection Report content is fully available through this website. If you prefer to download a PDF, just fill out this form and let us know what email to send it to.

Thanks for your interest!

Check your inbox, the 2021 Threat Detection Report is headed your way.