One Day Sec

What types of files can be executed via rundll32's ShellExecute call?

Beyond `.exe` files, `ShellExecute` supports scripts such as `.js`, `.hta`, and `.url` files. For instance, `rundll32.exe url.dll,OpenURL C:\4\calc.hta` launches an HTA that runs `calc.exe`. This expands the attack surface for fileless or script-based attacks, as noted in the analysis.