Verclsid.exe


Paths:


Resources:
https://gist.github.com/NickTyrer/0598b60112eaafe6d07789f7964290d5
https://bohops.com/2018/08/18/abusing-the-com-registry-structure-part-2-loading-techniques-for-evasion-and-persistence/

Acknowledgement:
Nick Tyrer - @NickTyrer


Detection:



Execute

Used to verify a COM object before it is instantiated by Windows Explorer
verclsid.exe /S /C {CLSID}
Usecase: Run a COM object created in the registry to evade defensive countermeasures
Privileges required: User
OS: Windows 10
Mitre: T1218