SCShell is a fileless lateral movement tool that relies on ChangeServiceConfigA to run commands. The beauty of this tool is that it does not perform authentication against SMB. Everything is performed over DCERPC. The utility can be used remotely WITHOUT registering a service or creating a service. It also doesn’t have to drop any file …