Voulnet
commented
7 years ago Just change it to what you want and make sure no caching is being done on the files being fetched from the web server.
Closed ghost closed 7 years ago
Voulnet
commented
7 years ago Just change it to what you want and make sure no caching is being done on the files being fetched from the web server.
SALAMO 3alaykom brother, i tried to replace mspaint.exe in cmd.hta file with my own powershell payload ,but no success , the document file still run the mspaint.exe !! can you help me with this.