.. /Verclsid.exe
Star

Used to verify a COM object before it is instantiated by Windows Explorer

Paths:

C:\Windows\System32\verclsid.exe
C:\Windows\SysWOW64\verclsid.exe

Resources:

Acknowledgements:

Nick Tyrer (@NickTyrer)

Detection:

Execute

Used to verify a COM object before it is instantiated by Windows Explorer
```
verclsid.exe /S /C {CLSID}
```
Use case
Run a com object created in registry to evade defensive counter measures

Privileges required
User

Operating systems
Windows 10, Windows 11

ATT&CK® technique
T1218.012