Modern cyber-crime rings are becoming increasingly attracted to the use of
legitimate components to achieve their goals. Execution of malicious components
via DLL hijacking and persisting on affected systems by abusing legitimate
scheduled tasks and services are just a few examples of their agility and focus.

State-affiliated actors such as the notorious APT29 group have successfully used
this approach in the past by switching a binary responsible for updating Adobe
Reader with a malicious com