Exploit.T1170Execution

Short bio

Exploit.T1170Execution is Malwarebytes' detection name for the malicious usage of mshta.exe.

Technique

Exploit.T1170Execution monitors, detects, and blocks the malicious usage of mshta.exe. T1170 is a reference to the Mitre Att&ck technique System Binary Proxy Execution: Mshta: Adversaries may abuse mshta.exe to proxy execution of malicious .hta files and Javascript or VBScript through a trusted Windows utility. Mshta.exe is a utility that executes Microsoft HTML Applications (HTA) files. HTAs are standalone applications that execute using the same models and technologies of Internet Explorer, but outside of the browser.

Protection

Malwarebytes protects your system(s) by blocking the malicious usage of mshta.exe and displays the message T1170 - Execution
list of Exploit detections in Nebula

Related blog content

Anti-exploit settings in Malwarebytes Nebula

What is Exploit Protection

Select your language

New Buy Online Partner Icon Warning Icon Edge icon