{"version":"1.0","provider_name":"Blog - Silicon Cloud","provider_url":"https:\/\/www.silicloud.com\/blog","author_name":"Ava Mitchell","author_url":"https:\/\/www.silicloud.com\/blog\/author\/avamitchell\/","title":"Windows loads any DLL through AppInit.","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"5nV12VyY71\"><a href=\"https:\/\/www.silicloud.com\/blog\/windows-loads-any-dll-through-appinit\/\">Windows loads any DLL through AppInit.<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.silicloud.com\/blog\/windows-loads-any-dll-through-appinit\/embed\/#?secret=5nV12VyY71\" width=\"600\" height=\"338\" title=\"&#8220;Windows loads any DLL through AppInit.&#8221; &#8212; Blog - Silicon Cloud\" data-secret=\"5nV12VyY71\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.silicloud.com\/blog\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"Maliciously loading arbitrary DLL files through AppInit in Windows is a common technique used in malware attacks. AppInit is a configuration setting in the Windows operating system that specifies DLL files to be automatically loaded each time an application starts. Attackers can exploit this feature to load malicious DLL files for various attack purposes, such [&hellip;]"}