We’d like to introduce a new Zero-Day technique for injecting code and maintaining persistency on a machine (i.e. auto-run) dubbed DoubleAgent.
DoubleAgent can exploit:
* Every Windows version (Windows XP to Windows 10);
* Every Windows architecture (x86 and x64);
* Every Windows user (SYSTEM/Admin/etc.);
* Every target process, including privileged processes (OS/Antivirus/etc.);
DoubleAgent exploits a 15 years old legitimate feature of Windows and therefore cannot be patched.