Tag
Attackers may leverage the mofcomp.exe utility to compile malicious MOF files, enabling them to manipulate the Windows Management Instrumentation (WMI) repository for persistence or execution of arbitrary code.