# DRive

Just a proof of concept (POC) combining everything.

## Theory

The `IsSupportedOSVersion()` function checks whether the running operating system version is one the POC supports. If it is not, the POC does not proceed.

For a little trick, `timing_SetTimer()` sets a timer and holds the next action back until it expires. The delay lets the POC line up with specific system events and helps it avoid detection, since automated analysis tends to time out before a long-delayed payload runs.
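The README does not show `timing_SetTimer()` itself, so here is an added example (my own code, not DRive's) of the same idea as a portable C delay gate. It goes one step beyond the text: after the timer expires it compares the monotonic clock against the requested wait, so a sandbox that fast-forwards sleeps to finish analysis quickly is noticed and the caller can decide not to continue. Names such as `wait_for_timer` and `judge_wait` are mine; it is POSIX only.

```c
/* Added example, not part of the DRive project: a delay gate that waits for
 * a timer and then verifies that real time actually passed. Analysis
 * sandboxes often shorten or skip sleeps; that shows up as the monotonic
 * clock advancing less than requested. Function and type names are mine. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

typedef enum {
    TIMER_EXPIRED = 0,  /* waited the full interval and the clock agrees */
    TIMER_SKIPPED = 1,  /* clock advanced less than requested: sleep was shortened */
    TIMER_ERROR   = 2   /* clock_gettime or nanosleep failed */
} timer_result;

/* Monotonic time in milliseconds, or -1 on failure. */
static int64_t now_ms(void)
{
    struct timespec ts;
    if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0)
        return -1;
    return (int64_t)ts.tv_sec * 1000 + ts.tv_nsec / 1000000;
}

/* Sleep for ms milliseconds, resuming the remainder after a signal. */
static int sleep_ms(int64_t ms)
{
    struct timespec req = { (time_t)(ms / 1000), (long)((ms % 1000) * 1000000L) };
    struct timespec rem;
    while (nanosleep(&req, &rem) != 0) {
        if (errno != EINTR)
            return -1;
        req = rem;
    }
    return 0;
}

/* Decision logic kept separate from the sleeping code so it can be tested
 * without waiting. tolerance_ms absorbs millisecond truncation and
 * scheduler jitter; anything shorter than that is treated as a skipped sleep. */
timer_result judge_wait(int64_t requested_ms, int64_t elapsed_ms, int64_t tolerance_ms)
{
    if (requested_ms < 0 || elapsed_ms < 0)
        return TIMER_ERROR;
    if (elapsed_ms + tolerance_ms < requested_ms)
        return TIMER_SKIPPED;
    return TIMER_EXPIRED;
}

/* The gate: wait, then check the monotonic clock against the request. */
timer_result wait_for_timer(int64_t requested_ms)
{
    int64_t start = now_ms();
    if (start < 0 || sleep_ms(requested_ms) != 0)
        return TIMER_ERROR;
    int64_t end = now_ms();
    if (end < 0)
        return TIMER_ERROR;
    return judge_wait(requested_ms, end - start, 5);
}

int main(void)
{
    /* A real sample would wait minutes; 200 ms keeps the demo quick. */
    timer_result r = wait_for_timer(200);
    switch (r) {
    case TIMER_EXPIRED: puts("timer expired: proceeding"); break;
    case TIMER_SKIPPED: puts("sleep was shortened: not proceeding"); break;
    default:            puts("timer error"); break;
    }
    return r == TIMER_EXPIRED ? 0 : 1;
}
```

Build with `gcc -Wall -o gate gate.c`. The monotonic clock is used on purpose: the wall clock can be set by the analyst, whereas `CLOCK_MONOTONIC` only moves forward with the host's actual uptime.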

When it comes to self-replication, the malware takes a naive approach: it injects into processes already running on the operating system. DRive then acts as a backdoor and sets up persistence mechanisms.

My favorite part is `CVE-2024-26229` (the Windows CSC service elevation-of-privilege bug), which triggers a local privilege escalation (LPE). When all of that is done, the malware sends "beacon" signals to a command and control (C2) server at regular intervals.
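The beaconing is also what gives the POC away on the wire. As an added example (my own code, not DRive's, and not its C2 protocol), here is the defender's side: given the timestamps of one host's connections to one destination, it computes the inter-arrival intervals and flags the series as beacon-like when those intervals are tightly clustered, measured as the squared coefficient of variation (variance over mean squared). The timestamps are constructed, and the `analyse_beacon` name and threshold are mine.

```c
/* Added example, not part of the DRive project: beacon detection from
 * connection timestamps. A periodic beacon, even with jitter, produces
 * inter-arrival times with a small coefficient of variation (stddev/mean);
 * human-driven traffic is bursty and does not. The squared CV is compared so
 * no sqrt (and no libm) is needed. Names and thresholds are mine. */
#include <stddef.h>
#include <stdio.h>

typedef struct {
    size_t count;       /* number of intervals analysed */
    double mean_s;      /* mean interval in seconds */
    double cv_squared;  /* variance / mean^2; near 0 means a fixed-period beacon */
    int beacon_like;    /* 1 when cv_squared <= threshold^2 and enough samples */
} beacon_stats;

/* ts: ascending connection timestamps in seconds for one src/dst pair.
 * min_samples: minimum number of intervals before a verdict is given.
 * cv_threshold: ~0.2 tolerates typical beacon jitter while rejecting
 * ordinary user traffic. */
beacon_stats analyse_beacon(const double *ts, size_t n, size_t min_samples,
                            double cv_threshold)
{
    beacon_stats s = { 0, 0.0, 0.0, 0 };
    if (n < 2)
        return s;

    size_t k = n - 1;
    double sum = 0.0;
    for (size_t i = 0; i < k; i++)
        sum += ts[i + 1] - ts[i];
    double mean = sum / (double)k;

    s.count = k;
    s.mean_s = mean;
    if (mean <= 0.0)            /* identical or non-ascending timestamps: no verdict */
        return s;

    double sq = 0.0;            /* population variance of the intervals */
    for (size_t i = 0; i < k; i++) {
        double d = (ts[i + 1] - ts[i]) - mean;
        sq += d * d;
    }
    double variance = sq / (double)k;

    s.cv_squared = variance / (mean * mean);
    s.beacon_like = (k >= min_samples &&
                     s.cv_squared <= cv_threshold * cv_threshold);
    return s;
}

/* Constructed sample: a ~60 s beacon with roughly 10% jitter. */
const double sample_beacon[] = { 0, 61, 118, 183, 239, 302, 364, 421 };
const size_t sample_beacon_n = sizeof sample_beacon / sizeof sample_beacon[0];

/* Constructed sample: bursty, human-looking traffic to the same destination. */
const double sample_user[] = { 0, 2, 3, 45, 46, 300, 305, 900 };
const size_t sample_user_n = sizeof sample_user / sizeof sample_user[0];

int main(void)
{
    beacon_stats b = analyse_beacon(sample_beacon, sample_beacon_n, 5, 0.2);
    beacon_stats u = analyse_beacon(sample_user, sample_user_n, 5, 0.2);
    printf("beacon  : %zu intervals, mean %.1f s, cv^2 %.4f, beacon_like=%d\n",
           b.count, b.mean_s, b.cv_squared, b.beacon_like);
    printf("user    : %zu intervals, mean %.1f s, cv^2 %.4f, beacon_like=%d\n",
           u.count, u.mean_s, u.cv_squared, u.beacon_like);
    return 0;
}
```

In practice the timestamps come from proxy, firewall or Zeek `conn.log` records grouped by source host and destination, and the threshold is tuned against known-good periodic traffic (update checks, NTP, monitoring agents) before it is used as an alert.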