public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-10-22 16:49:11 +02:00
Code Issues Projects Releases Wiki Activity

Adding <version> placeholder to Vshadow

Browse Source
This commit is contained in:
Wietze 2024-10-01 23:45:18 +01:00
parent 39a7120d40
commit 55d84345ac
No known key found for this signature in database
GPG Key ID: E17630129FF993CF
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OtherMSBinaries/Vshadow.yml
View File

@ -12,7 +12,7 @@ Commands:
MitreID: T1127 MitreID: T1127
OperatingSystem: Windows 10, Windows 11 OperatingSystem: Windows 10, Windows 11
Full_Path: Full_Path:
- Path: C:\Program Files (x86)\Windows Kits\10\bin\10.0.XXXXX.0\x64\vshadow.exe - Path: C:\Program Files (x86)\Windows Kits\10\bin\<version>\x64\vshadow.exe
Detection: Detection:
- IOC: vshadow.exe usage with -exec parameter - IOC: vshadow.exe usage with -exec parameter
Resources: Resources: