Serious Discussion Unexplored LOLBAS Technique: Wevtutil.exe

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
May 4, 2019
826
Living Off the Land Binaries and Scripts (LOLBAS) techniques have become a go-to strategy for attackers. These methods rely on legitimate, pre-installed Windows tools to carry out malicious activities, often slipping past security controls unnoticed. In this post, we’re taking a closer look at a lesser-known use of wevtutil.exe, a utility built for managing Windows Event Logs, and how it can be leveraged as a powerful LOLBAS tool.
Click to expand...
Source: Denwp Research - Unexplored LOLBAS Technique: Wevtutil.exe
 
Last edited by a moderator:
  • Like
Reactions: Gandalf_The_Grey, Andy Ful and harlan4096

Similar threads

silversurfer
    • Like
    • +Reputation
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes
Replies
0
Views
1,044
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts
Replies
0
Views
1,320
News Archive
silversurfer
silversurfer
Sandbox Breaker - DFIR
    • Like
    • Applause
AWS SSM Agent can be used as a RAT
Replies
0
Views
1,508
News Archive
Sandbox Breaker - DFIR
Sandbox Breaker - DFIR

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top