Windows

TestWindowRemoteAgent.exeTestWindowRemoteAgent.exe

Platform
Windows
Abuse functions
1
Mapped techniques
1

Description

TestWindowRemoteAgent.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Upload. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITRE crosswalk): T1567. Defenders should monitor execution of TestWindowRemoteAgent.exe under non-administrative or sudo contexts and alert when its arguments match the abuse-function signatures.

Abuse functions· 1

UploadT1048

Attackers may utilize this to exfiltrate data over DNS

MITRE ATT&CK techniques· 1

T1048

Uses1

TypeTargetConfidenceTier
TechniqueExfiltration Over Alternative Protocolt1048100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

LOLbin
Remote.exe
LOLbin
AgentExecutor.exe
LOLbin
wbemtest.exe
LOLbin
wt.exe
LOLbin
winfile.exe
LOLbin
te.exe
Sourced from LOLBAS Project. Curated by Adam Lundqvist, SQUR.