Intel Name: Loaded module enumeration via tasklist.exe
Date of Scan: February 7, 2025
Impact: Medium
Summary: Detects the enumeration of a particular DLL or EXE by a binary using “tasklist.exe.” Attackers commonly use this technique to identify the specific process identifier (PID) associated with the DLL, often for the purpose of dumping the process memory or carrying out other malicious activities.
