TAXHAUL
TAXHAULTAXHAUL
Description
TAXHAUL is a DLL that, when executed, decrypts a shellcode payload expected at C:\Windows\System32\config\TxR\<machine hardware profile GUID>.TXR.0.regtrans-ms. Mandiant has seen TAXHAUL persist via DLL side loading.
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.