GrimResource - Microsoft Management Console for initial access and evasion

Krematorij · Aug 31, 2025

Elastic Security Labs has discovered a new method for initial access and evasion in the wild, termed GrimResource. It allows attackers to gain full code execution in the context of mmc.exe after a user clicks on a specially crafted MSC file.

GrimResource - Microsoft Management Console for initial access and evasion

Pop Calc POC:

p/s: I think this is an interesting topic, I would discuss the possibilities and ideas in the telegram chat (your suggestions)

Video demo Attach

cod7722 · Sep 15, 2025

healthcare · Sep 19, 2025

Koryphae · Sep 19, 2025

respect

DurlovAZ · Oct 2, 2025

wetbum3 · Oct 12, 2025

NinjaaGamers · Oct 21, 2025

captinteemo · Nov 5, 2025

Diviney · Feb 3, 2026

XLegenda · Feb 10, 2026

neonRDP · Feb 10, 2026

SeniorBuyer · Feb 24, 2026

Ryanxdesmond · Mar 4, 2026

RayPeenas · Mar 11, 2026

gus7repz · Mar 16, 2026

ONLYFANS_SHOP · Mar 23, 2026

JustNapster · Mar 26, 2026

LoveDog · Mar 28, 2026

Mehdi007xdx · May 2, 2026

Novaflux · May 29, 2026