attack.t1137.006 | Detection.FYI

Potential Persistence Via Microsoft Office Add-In
Feb 23, 2023 · attack.persistence attack.t1137.006 ·
Share on:
Detects potential persistence activity via startup add-ins that load when Microsoft Office starts (.wll/.xll are simply .dll fit for Word or Excel).

Read More
Potential Persistence Via Excel Add-in - Registry
Jan 30, 2023 · attack.persistence attack.t1137.006 ·
Share on:
Detect potential persistence via the creation of an excel add-in (XLL) file to make it run automatically when Excel is started.

Read More
Code Executed Via Office Add-in XLL File
Jan 27, 2023 · attack.persistence attack.t1137.006 ·
Share on:
Adversaries may abuse Microsoft Office add-ins to obtain persistence on a compromised system. Office add-ins can be used to add functionality to Office programs

Read More
Potential Persistence Via Visual Studio Tools for Office
Jan 11, 2023 · attack.t1137.006 attack.persistence ·
Share on:
Detects persistence via Visual Studio Tools for Office (VSTO) add-ins in Office applications.

Read More