|
gptkbp:instanceOf
|
gptkb:software
|
|
gptkbp:canBe
|
incident response
automation workflows
penetration testing
batch scripts
|
|
gptkbp:canBypassUAC
|
true
|
|
gptkbp:canRedirectOutput
|
true
|
|
gptkbp:canRunAs
|
SYSTEM account
other user accounts
|
|
gptkbp:canRunInteractive
|
true
|
|
gptkbp:canRunNonInteractive
|
true
|
|
gptkbp:category
|
remote desktop software
command-line software
Windows utilities
|
|
gptkbp:commandLineTool
|
true
|
|
gptkbp:developedBy
|
gptkb:Sysinternals
gptkb:Mark_Russinovich
|
|
gptkbp:developer
|
gptkb:Microsoft
|
|
gptkbp:executableName
|
gptkb:PsExec.exe
|
|
gptkbp:features
|
can be used by attackers for lateral movement
|
|
gptkbp:firstReleased
|
2001
|
|
gptkbp:function
|
remote administration
remote command execution
remote process creation
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
PsExec
|
|
gptkbp:latestReleaseVersion
|
2.40
2022-09-29
|
|
gptkbp:license
|
Freeware
|
|
gptkbp:mentionedIn
|
gptkb:MITRE_ATT&CK_framework
|
|
gptkbp:notableFor
|
lightweight remote execution
no need for client software installation
|
|
gptkbp:operatingSystem
|
gptkb:Windows
|
|
gptkbp:partOf
|
gptkb:Sysinternals_Suite
|
|
gptkbp:platform
|
gptkb:Windows_NT_family
gptkb:Windows_10
gptkb:Windows_7
gptkb:Windows_XP
gptkb:Windows_Server
|
|
gptkbp:requires
|
network connectivity
administrative privileges
file and printer sharing enabled
|
|
gptkbp:supportsProtocol
|
gptkb:SMB
|
|
gptkbp:usedFor
|
system administration
remote troubleshooting
remote software installation
|
|
gptkbp:website
|
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
|
|
gptkbp:bfsParent
|
gptkb:NotPetya
gptkb:NotPetya_malware
|
|
gptkbp:bfsLayer
|
6
|