...
Relevant MITRE techniques:
MITRE T1055 - Process Injection, as described above. Used to evade malware detection by allowing the target process to continue operating normally while executing malicious code.
MITRE T1559 - Inter-Process Communication can provide control over the target process from the injector once the injection is complete.
MITRE T1569 - Injecting into a system service such as an existing svchost can disguise malicious code so that it is reported as running from a well-known and trusted process.
What are the consequences?
...