Logger.exe

A logging configuration tool from the Windows Kits used to start and manage process logging.

Paths

• C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\logger.exe
• C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\logger.exe
• C:\Program Files\Windows Kits\10\Debuggers\x86\logger.exe
• C:\Program Files\Windows Kits\10\Debuggers\x64\logger.exe

Commands

Execute

Executes the command specified after the `RUN` parameter as a child of `logger.exe`.

Use case: Executes an abitrary command via a signed binary to evade detection.

Privileges: User

logger.exe RUN "{CMD}"

Execute

Executes the command specified after the `RUNW` parameter as a child of `logger.exe`.

Use case: Executes an abitrary command via a signed binary to evade detection.

Privileges: User

logger.exe RUNW "{CMD}"

Execute

Executes the command specified as a child of `logger.exe`.

Use case: Executes an abitrary command via a signed binary to evade detection.

Privileges: User

logger.exe "{CMD}"

Resources

• https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/logger