public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-01-13 15:29:05 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #79 from LuxNoBulIshit/master

Browse Source 
add new usecase for Extrace32.exe
This commit is contained in:
Oddvar Moe 2020-08-15 00:05:37 +02:00 committed by GitHub
commit a24bc5b946
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
yml/OSBinaries/Extrac32.yml
View File

@ -28,6 +28,14 @@ Commands:
MitreID: T1105 MitreID: T1105
MitreLink: https://attack.mitre.org/wiki/Technique/T1105 MitreLink: https://attack.mitre.org/wiki/Technique/T1105
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
- Command: extrac32.exe /C C:\Windows\System32\calc.exe C:\Users\user\Desktop\calc.exe
Description: Command for copying calc.exe to another folder
Usecase: Copy file
Category: Copy
Privileges: User
MitreID: T1105
MitreLink: https://attack.mitre.org/wiki/Technique/T1105
OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
Full_Path: Full_Path:
- Path: C:\Windows\System32\extrac32.exe - Path: C:\Windows\System32\extrac32.exe
- Path: C:\Windows\SysWOW64\extrac32.exe - Path: C:\Windows\SysWOW64\extrac32.exe
@ -44,4 +52,8 @@ Acknowledgement:
Handle: '@egre55' Handle: '@egre55'
- Person: Oddvar Moe - Person: Oddvar Moe
Handle: '@oddvarmoe' Handle: '@oddvarmoe'
- Person: Hai Vaknin(Lux) https://github.com/LuxNoBulIshit
- handle: @VakninHai
- Person: Tamir Yehuda https://github.com/tamirye
- handle: @tim8288
--- ---