public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-11-03 18:19:25 +01:00
Code Issues Projects Releases Wiki Activity

Adding <version> placeholder to Vshadow

Browse Source
This commit is contained in:
Wietze
2024-10-01 23:45:18 +01:00
parent 39a7120d40
commit 55d84345ac
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OtherMSBinaries/Vshadow.yml
View File

@@ -12,7 +12,7 @@ Commands:
MitreID: T1127
OperatingSystem: Windows 10, Windows 11
Full_Path:
- Path: C:\Program Files (x86)\Windows Kits\10\bin\10.0.XXXXX.0\x64\vshadow.exe
- Path: C:\Program Files (x86)\Windows Kits\10\bin\<version>\x64\vshadow.exe
Detection:
- IOC: vshadow.exe usage with -exec parameter
Resources: