Run DLL with Rundll32

This TTP uses a DLL that is designed to be injected into a remote process where it will execute the binary listed in the Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Prelude\Operator key at bin_path. It can also grab a file from a remote http server and execute it.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)