Update Certutil.yml

Conor Richard 2020-10-26 19:43:55 -04:00 committed by GitHub
parent 64d5dffc4b
commit 5806d33e70
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -56,7 +56,7 @@ Full_Path:
- Path: C:\Windows\System32\certutil.exe - Path: C:\Windows\System32\certutil.exe
- Path: C:\Windows\SysWOW64\certutil.exe - Path: C:\Windows\SysWOW64\certutil.exe
Code_Sample: Code_Sample:
- Code:546573745f62795f4c696f72(example of the encoded hexadecimal file) - Code:
Detection: Detection:
- IOC: Certutil.exe creating new files on disk - IOC: Certutil.exe creating new files on disk
- IOC: Useragent Microsoft-CryptoAPI/10.0 - IOC: Useragent Microsoft-CryptoAPI/10.0
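
Review bot: The `- Code:` entry under `Code_Sample` is left with no value on the right-hand side, where the left-hand side had `546573745f62795f4c696f72(example of the encoded hexadecimal file)`. An empty `Code:` parses as a null in YAML, so anything that renders or validates this file expecting a string there can break or show a blank sample. Either remove the list item (or the whole `Code_Sample` key if it has no other entries), or replace it with a reference to a real sample. The commit message "Update Certutil.yml" also gives no reason for dropping the sample; a one-line explanation would help later readers of the history.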