detection icon

Short bio

Exploit.T1170Execution is Malwarebytes’ detection name for the malicious usage of mshta.exe.


Exploit.T1170Execution monitors, detects, and blocks the malicious usage of mshta.exe. T1170 is a reference to the Mitre Att&ck technique System Binary Proxy Execution: Mshta: Adversaries may abuse mshta.exe to proxy execution of malicious .hta files and Javascript or VBScript through a trusted Windows utility. Mshta.exe is a utility that executes Microsoft HTML Applications (HTA) files. HTAs are standalone applications that execute using the same models and technologies of Internet Explorer, but outside of the browser.


Malwarebytes protects your system(s) by blocking the malicious usage of mshta.exe and displays the message T1170 – Execution

list of Exploit detections in Nebula