Turla - Snake - day2 -DLL injection into taskhostw.exe is not happening

### Contribution Description

Hi, I am trying to emulate Turla Snake Day 2. I compile snake drivers and installer also compiled EPIC payload to connect my control server. EPIC payload successfully connects to control server and from control server I copied snake payload to victim machine and executed snake installer.
Snake installer successfully loaded vulnerable driver and deleted. Now on edge I browsed some url to make some internet connections. And i can see "C:\Windows\msnsvcx64.dll" is loaded in msedge.exe process. Heartbeat was sent and contrl server responded with "1". now I don't see injection into taskhostw.exe and GUID is not registered on control server. What could be the problem? could you please guide me. 

### Supporting files or evidence

_No response_

### Where did you find this information?

_No response_

### Operating System

Windows

### Code of Conduct

- [X] I agree I am allowed to share this information and agree with the [Developer's Certificate of Origin](https://github.com/center-for-threat-informed-defense/adversary_emulation_library/blob/master/CONTRIBUTING.md).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Turla - Snake - day2 -DLL injection into taskhostw.exe is not happening #165

Contribution Description

Supporting files or evidence

Where did you find this information?

Operating System

Code of Conduct

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Turla - Snake - day2 -DLL injection into taskhostw.exe is not happening #165

Description

Contribution Description

Supporting files or evidence

Where did you find this information?

Operating System

Code of Conduct

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions