![]() The group also uses a tool to execute commands on remote computers. Īn APT3 downloader uses the Windows command "cmd.exe" /C whoami. ĪPT29 used cmd.exe to execute commands on remote machines. The group has also used macros to execute payloads. Īn APT28 loader Trojan uses a cmd.exe and batch script to run its payload. ĪPT18 uses cmd.exe to execute commands on the victim’s machine. ĪPT1 has used the Windows command shell to execute commands, and batch scripting to automate execution. Īnchor has used cmd.exe to run its self deletion routine. ĪDVSTORESHELL can create a remote shell and run a given command. exploitation with LOWBALL malware, actors created a file containing a list of commands to be executed on the compromised computer. Īction RAT can use cmd.exe to execute commands on an infected host. ĪBK has the ability to use cmd to run a Portable Executable (PE) on the compromised host. 4H RAT has the capability to create a remote shell. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |