From 9fddf9b1b86ed6bbe1b117af3b6d42f77ceb8ca8 Mon Sep 17 00:00:00 2001
From: hegusung <7390383+hegusung@users.noreply.github.com>
Date: Sun, 13 Oct 2024 17:16:29 +0200
Subject: [PATCH] Update Tttracer.yml Tags Added Tags: Execute EXE
---
 yml/OSBinaries/Tttracer.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/yml/OSBinaries/Tttracer.yml b/yml/OSBinaries/Tttracer.yml
index d2125bd..c12ae91 100644
--- a/yml/OSBinaries/Tttracer.yml
+++ b/yml/OSBinaries/Tttracer.yml
@@ -11,6 +11,8 @@ Commands:
 Privileges: Administrator
 MitreID: T1127
 OperatingSystem: Windows 10 1809 and newer, Windows 11
+ Tags:
+ - Execute: EXE
 - Command: TTTracer.exe -dumpFull -attach pid
 Description: Dumps process using tttracer.exe. Requires administrator privileges
 Usecase: Dump process by PID