← LibraryTechnique entry
EDR-COM-HIJACK-LOLOBJPrivilege Escalation
COM Hijack via LOLObjects
Drop a payload registered under HKCU\Software\Classes\CLSID — fires when explorer.exe / Office / signed binaries load that COM object.
§ Where this technique fits
EDR-COM-HIJACK-LOLOBJ is catalogued under the Privilege Escalation tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.