---
Name: Nvuhda6.exe
Description: Execute, Copy, Add registry, Create shortcut, kill process
Author: ''
Created: '2018-05-25'
Categories: []
Commands:
  - Command: nvuhda6.exe System calc.exe
    Description: Execute calc.exe as a subprocess.
  - Command: nvuhda6.exe Copy test.txt,test-2.txt
    Description: Copy fila A to file B.
  - Command: nvuhda6.exe SetReg HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\malware=malware.exe
    Description: Add/Edit a Registry key value
  - Command: nvuhda6.exe CreateShortcut test.lnk,"Test","C:\Windows\System32\calc.exe","","C:\Windows\System32\"
    Description: Create shortcut file.
  - Command: nvuhda6.exe KillApp calc.exe
    Description: Kill a process.
  - Command: nvuhda6.exe Run foo
    Description: Run process
Full_Path:
  - Missing
Code_Sample: []
Detection: []
Resources:
  - http://www.hexacorn.com/blog/2017/11/10/reusigned-binaries-living-off-the-signed-land/
Notes: Thanks to Adam - @hexacorn