Skip to content
Auto-CTI
Back to all deep dives
CISCO TALOS BLOG

Introduction to COM usage by Windows threats

HIGH COM Windows Qakbot lateral movement
Introduction to COM usage by Windows threats

Strategic summary

Researchers systematically document how malware abuses COM interfaces for lateral movement, persistence, and Windows automation, with Qakbot presented as a case study and reverse-engineering tools discussed.

Relevance for you

Cisco Talos documents systematically how malware exploits COM interfaces for lateral movement, persistence, and evasion , a fundamental defensive competency for Windows-heavy infrastructure defenders.

Risk score

20
cvss base
0.00
kev bonus
0.00
epss bonus
0.00
poc bonus
0.00
raw before weight
0.00
industry weight
1.21
freshness factor
1.00
exploitability factor
1.00
days old
0.00
vendor mismatch penalty
0.00

Path: operational

ESC