public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-11-04 02:29:34 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #79 from LuxNoBulIshit/master

Browse Source 
add new usecase for Extrace32.exe
This commit is contained in:
Oddvar Moe
2020-08-15 00:05:37 +02:00
committed by GitHub
parent 689c3b1fea 631996950a
commit a24bc5b946
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
yml/OSBinaries/Extrac32.yml
View File

@@ -28,6 +28,14 @@ Commands:
MitreID: T1105
MitreLink: https://attack.mitre.org/wiki/Technique/T1105
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
- Command: extrac32.exe /C C:\Windows\System32\calc.exe C:\Users\user\Desktop\calc.exe
Description: Command for copying calc.exe to another folder
Usecase: Copy file
Category: Copy
Privileges: User
MitreID: T1105
MitreLink: https://attack.mitre.org/wiki/Technique/T1105
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
Full_Path:
- Path: C:\Windows\System32\extrac32.exe
- Path: C:\Windows\SysWOW64\extrac32.exe
@@ -44,4 +52,8 @@ Acknowledgement:
Handle: '@egre55'
- Person: Oddvar Moe
Handle: '@oddvarmoe'
---
- Person: Hai Vaknin(Lux) https://github.com/LuxNoBulIshit
- handle: @VakninHai
- Person: Tamir Yehuda https://github.com/tamirye
- handle: @tim8288
---