Skip to content

Hide Navigation Hide TOC

Suspicious JavaScript Execution Via Mshta.EXE (67f113fa-e23d-4271-befa-30113b3e08b1)

Detects execution of javascript code using "mshta.exe".

Cluster A Galaxy A Cluster B Galaxy B Level
Mshta - T1218.005 (840a987a-99bd-4a80-a5c9-0cb2baa6cade) Attack Pattern Suspicious JavaScript Execution Via Mshta.EXE (67f113fa-e23d-4271-befa-30113b3e08b1) Sigma-Rules 1
Mshta - T1218.005 (840a987a-99bd-4a80-a5c9-0cb2baa6cade) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2