GitHub

LOLBAS /Archive-Old-Version /OSBinaries

mshta.exe evilfile.hta Opens the target .HTA and executes embedded JavaScript, JScript, or VBScript. mshta.exe vbscript:Close(Execute("GetObject(""script:https ...
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

MSHTA still fits this model well [10]. It is present by default on Windows systems, can execute script content in-memory, and can retrieve content from remote locations. These properties make it ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based ...