News Hackers Abusing Windows Management Interface Command Tool - Printable Version +- Red Security (https://redsecurity.info/cc) +-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1) +--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4) +--- Thread: News Hackers Abusing Windows Management Interface Command Tool (/showthread.php?tid=732) |
Hackers Abusing Windows Management Interface Command Tool - Mr.Kurd - 09-03-2018 In The Name OF Allah Al-Salam Alelkum Quote:Attackers use to deliver a shortcut file (.lnk) through URL or link in email or as an attachment, once the user opens the file contains a WMIC command, it downloads the malicious file from the attacker’s remote server. The file downloaded from the remote server is the malicious XSL(eXtensible Stylesheet Language) file and the malicious XSL contains the javascript which is executed using another legitimate application mshta[.]exe used in running Microsoft HTML Application Host.https://gbhackers.com/hackers-abusing-windows-management-interface-command-tool-to-deliver-malware-that-steal-email-account-passwords/amp/ Wa Salam Alekum |