Description Lolbins can be renamed and run as a way to avoid detection Attacker's Goals Command execution via lolbins and detection avoidance via file rename. Investigative Actions Isolate the host and verify if the file is malicious or not.