.. /Regasm.exe
Star

Part of .NET


Paths:

Resources:
Acknowledgements:

Detection:

AWL bypass

Loads the target .DLL file and executes the RegisterClass function.
regasm.exe AllTheThingsx64.dll
Usecase: Execute code and bypass Application whitelisting
Privileges required: Local Admin
OS: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
MITRE ATT&CK®: T1218.009



Execute

Loads the target .DLL file and executes the UnRegisterClass function.
regasm.exe /U AllTheThingsx64.dll
Usecase: Execute code and bypass Application whitelisting
Privileges required: User
OS: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
MITRE ATT&CK®: T1218.009