Summary
Execute a .NET Framework assembly in-process with the specified arguments. This assembly must first be cached in the agent using theregister_assembly command before being executed.
This command does not patch Environment.Exit, and as a result, should the assembly call this function, the agent itself will exit.
Arguments
Assembly
The name of the assembly to execute. This must match the file name used withregister_file.
Arguments (optional)
Arguments to pass to the assembly.Usage
MITRE ATT&CK Mapping
- T1547
Special Thanks
Mayllart submitted the initial PR for this module. You can find him on his socials here:| Social | Handle |
|---|---|
| Github | https://github.com/thiagomayllart |
| @thiagomayllart | |
| BloodHoundGang Slack | @Mayllart |