Windows

Msedge.exeMsedge.exe

Platform
Windows
Abuse functions
3
Mapped techniques
2

Description

Msedge.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Download, Execute. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITRE crosswalk): T1105, T1218. Defenders should monitor execution of Msedge.exe under non-administrative or sudo contexts and alert when its arguments match the abuse-function signatures.

Abuse functions· 3

DownloadT1105

Download file from the internet

DownloadT1105

Download file from the internet

ExecuteT1218.015

Executes a process under a trusted Microsoft signed binary

MITRE ATT&CK techniques· 2

T1105T1218.015

Uses2

TypeTargetConfidenceTier
Techniquet1218.015100%live
TechniqueIngress Tool Transfert1105100%live

Abuses2

TypeTargetConfidenceTier
TechniqueIngress Tool Transfert110585%live
TechniqueSystem Binary Proxy Executiont121885%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

LOLbin
msedge_proxy.exe
LOLbin
msedgewebview2.exe
LOLbin
te.exe
LOLbin
Msconfig.exe
LOLbin
MsoHtmEd.exe
LOLbin
Msdeploy.exe
Sourced from LOLBAS Project. Curated by Adam Lundqvist, SQUR.