![]() Īn APT3 downloader uses the Windows command "cmd.exe" /C whoami. The group has also used macros to execute payloads. Īn APT28 loader Trojan uses a cmd.exe and batch script to run its payload. ĪPT18 uses cmd.exe to execute commands on the victim’s machine. ĪPT1 has used the Windows command shell to execute commands, and batch scripting to automate execution. Īnchor has used cmd.exe to run its self deletion routine. ĪDVSTORESHELL can create a remote shell and run a given command. exploitation with LOWBALL malware, actors created a file containing a list of commands to be executed on the compromised computer. Īction RAT can use cmd.exe to execute commands on an infected host. ĪBK has the ability to use cmd to run a Portable Executable (PE) on the compromised host. ĤH RAT has the capability to create a remote shell. During the 2016 Ukraine Electric Power Attack, Sandworm Team used the xp_cmdshell command in MS-SQL. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |