public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-25 22:39:27 +01:00
Code Issues Projects Releases Wiki Activity

Update Extrac32.yml

Browse Source 
another use case for extrace32.
This commit is contained in:
LuxNoBu!!shit 2020-08-08 14:59:15 +03:00 committed by GitHub
parent 7a2ff4c250
commit 3a3d28e496
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
yml/OSBinaries/Extrac32.yml
View File

@ -28,6 +28,14 @@ Commands:
MitreID: T1105
MitreLink: https://attack.mitre.org/wiki/Technique/T1105
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
- Command: extrac32.exe /C C:\Windows\System32\calc.exe C:\Users\*\Desktop\calc.exe
Description: Command for copying calc.exe to another folder
Usecase: Copy file
Category: Copy
Privileges: User
MitreID: T1105
MitreLink: https://attack.mitre.org/wiki/Technique/T1105
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
Full_Path:
- Path: C:\Windows\System32\extrac32.exe
- Path: C:\Windows\SysWOW64\extrac32.exe
@ -40,6 +48,8 @@ Resources:
- Link: https://gist.github.com/api0cradle/cdd2d0d0ec9abb686f0e89306e277b8f
- Link: https://twitter.com/egre55/status/985994639202283520
Acknowledgement:
- Person: Hai Vaknin(Lux) https://github.com/LuxNoBulIshit
- Person: Tamir Yehuda https://github.com/tamirye
- Person: egre55
Handle: '@egre55'
- Person: Oddvar Moe