public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-11-03 18:19:25 +01:00
Code Issues Projects Releases Wiki Activity

Changing ATT&CK TID of wuauclt.exe entry (#193)

Browse Source
This commit is contained in:
akshat pradhan
2022-01-24 03:54:59 +05:30
committed by GitHub
parent 7b208e8021
commit a7f7ec2cc2
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OSBinaries/Wuauclt.yml
View File

@@ -4,12 +4,12 @@ Description: Windows Update Client
Author: 'David Middlehurst'
Created: 2020-09-23
Commands:
- Command: wuauclt.exe /UpdateDeploymentProvider <Full_Path_To_DLL> /RunHandlerComServer
- Command: wuauclt.exe /UpdateDeploymentProvider Full_Path_To_DLL /RunHandlerComServer
Description: Full_Path_To_DLL would be the abosolute path to .DLL file and would execute code on attach.
Usecase: Execute dll via attach/detach methods
Category: Execute
Privileges: User
MitreID: T1218.011
MitreID: T1218
OperatingSystem: Windows 10
Full_Path:
- Path: C:\Windows\System32\wuauclt.exe