Tag
Adversaries can use the `ftype` command to modify Windows file associations, potentially redirecting legitimate file execution to malicious payloads for persistence, execution, and defense evasion.