New Persistence Technique: Windows Time Provider #20825
Description
I gave this a try, it seems to execute the DLL (aka if i change the path to be incorrect it throws an error), however no shell was ever given.
I was trying with just a meterp dll, nothing special.
https://hadess.io/the-art-of-windows-persistence/ (see Time provider)
https://github.com/scottlundgren/w32time
https://github.com/otterpwn/w32TimePersistence?tab=readme-ov-file