← Back to Explore
T1218.013
Mavinject
Adversaries may abuse mavinject.exe to proxy execution of malicious code. Mavinject.exe is the Microsoft Application Virtualization Injector, a Windows utility that can inject code into external processes as part of Microsoft Application Virtualization (App-V).(Citation: LOLBAS Mavinject) Adversaries may abuse mavinject.exe to inject malicious DLLs into running processes (i.e. [Dynamic-link Library Injection](https://attack.mitre.org/techniques/T1055/001)), allowing for arbitrary code execution...
Windows
3
Detections
2
Sources
0
Threat Actors
BY SOURCE
2sigma1splunk_escu
PROCEDURES (2)
Process Creation Monitoring2 detections
Auto-extracted: 2 detections for process creation monitoring
General Monitoring1 detections
Auto-extracted: 1 detections for general monitoring