Tag

Mounted-Device

1 brief RSS

Suspicious Execution from a Mounted Device

Attackers may use mounted devices as a non-standard working directory to execute signed binaries or script interpreters, evading traditional defense mechanisms, particularly when launched via explorer.exe.

Windows defense-evasion execution mounted-device

2r 9t Jan 3, 2024