GrimResource - Microsoft Management Console for initial access and evasion
June 27, 2024, 5:26 p.m.
Tags
External References
Description
A novel, in-the-wild code execution technique leveraging Microsoft Management Console files (MSC) has been identified by Elastic Security researchers and was first spotted in the wild in June 2016 and is currently being investigated by VirusTotal.
Date
Published: June 27, 2024, 5:02 p.m.
Created: June 27, 2024, 5:02 p.m.
Modified: June 27, 2024, 5:26 p.m.
Indicators
c1bba723f79282dceed4b8c40123c72a5dfcf4e3ff7dd48db8cb6c8772b60b88
4cb575bc114d39f8f1e66d6e7c453987639289a28cd83a7d802744cd99087fd7
14bcb7196143fd2b800385e9b32cfacd837007b0face71a73b546b53310258bb
Attack Patterns
Cobalt Strike
T1055
T1027