32 lines
354 B
Markdown
32 lines
354 B
Markdown
## Openwith.exe
|
|
|
|
* Functions: Execute
|
|
|
|
```
|
|
OpenWith.exe /c C:\test.hta
|
|
|
|
OpenWith.exe /c C:\testing.msi
|
|
```
|
|
|
|
Acknowledgements:
|
|
* Matt harr0ey - @harr0ey
|
|
|
|
Code sample:
|
|
*
|
|
|
|
Resources:
|
|
* https://twitter.com/harr0ey/status/991670870384021504
|
|
|
|
Full path:
|
|
```
|
|
c:\windows\system32\Openwith.exe
|
|
c:\windows\sysWOW64\Openwith.exe
|
|
```
|
|
|
|
Notes:
|
|
|
|
|
|
Detection:
|
|
|
|
|