mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2024-12-30 16:54:00 +01:00
749 B
749 B
Msdt.exe
- Functions: Execute
Open .diagcab package
msdt.exe -path C:\WINDOWS\diagnostics\index\PCWDiagnostic.xml -af C:\PCW8E57.xml /skip TRUE
Executes the Microsoft Diagnostics Tool and executes the malicious .MSI referenced in the PCW8E57.xml file.
-
Resources:
-
Full path:
- C:\Windows\System32\Msdt.exe
- C:\Windows\SysWOW64\Msdt.exe
-
Notes: Thanks to: See the Payloads folder for an example PCW8E57.xml file.