1. Worse PdfTurn a normal PDF file into malicious.Use to steal Net-NTLM Hashes from windows machines.
10. SharprdpcheckUse to check the valid account of the Remote Desktop Protocol(Support plaintext and ntlmhash)
41. COM-Object-hijackinguse COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)