public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-01-24 20:42:09 +01:00
Code Issues Projects Releases Wiki Activity

printui.exe lolbas request

Browse Source
This commit is contained in:
root 2025-01-12 02:57:40 +03:00
parent d6579a02a6
commit 4030c53cd1
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
yml/OSBinaries/printui.yml
View File

@ -16,10 +16,11 @@ Commands:
Full_Path:
- Path: C:\Windows\System32\printui.exe
Detection:
- Sigma: https:https://github.com/SigmaHQ/sigma/blob/master/rules/windows/image_load/image_load_side_load_from_non_system_location.yml
- Sigma: https://github.com/SigmaHQ/sigma/blob/master/rules/windows/image_load/image_load_side_load_from_non_system_location.yml
- IOC: Load malicious DLL image
Resources:
- Link: https:https://www.linkedin.com/pulse/uncovered-lolbas-yasin-g%C3%B6khan-ta%C5%9Fkin-gnpwf/?trackingId=WvE5YmopTtyh%2FuvEPcpyZQ%3D%3D
- Link: https://www.linkedin.com/pulse/uncovered-lolbas-yasin-g%C3%B6khan-ta%C5%9Fkin-gnpwf/?trackingId=WvE5YmopTtyh%2FuvEPcpyZQ%3D%3D
- Link: https://x.com/TaskinYasn/status/1876672639558947213
Acknowledgement:
- Person: Yasin Gökhan TAŞKIN
Handle: '@TaskinYasn'