Product
Adversaries may abuse compiled HTML files (.chm) to execute malicious code by proxying execution via hh.exe, often leading to command execution via scripting interpreters.