Skip to content

Hide Navigation Hide TOC

Potential LethalHTA Technique Execution (ed5d72a6-f8f4-479d-ba79-02f6a80d7471)

Detects potential LethalHTA technique where the "mshta.exe" is spawned by an "svchost.exe" process

Cluster A Galaxy A Cluster B Galaxy B Level
Mshta - T1218.005 (840a987a-99bd-4a80-a5c9-0cb2baa6cade) Attack Pattern Potential LethalHTA Technique Execution (ed5d72a6-f8f4-479d-ba79-02f6a80d7471) Sigma-Rules 1
Mshta - T1218.005 (840a987a-99bd-4a80-a5c9-0cb2baa6cade) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2