Remote access tool – meshagent command execution via meshcentral

Intel Name: Remote access tool – meshagent command execution via meshcentral

Date of Scan: September 23, 2024

Impact: Medium

Summary:
Identifies the use of MeshAgent for executing commands on the target host, especially when threat actors exploit it for direct command execution. MeshAgent can leverage win-console to conceal their actions and use win-dispatcher to run malicious code via IPC with child processes.

More Details