From a976eaefe1c4eb1aab3bdc4888a6fc67bd8259f8 Mon Sep 17 00:00:00 2001
From: bohops <jimmy@jbtech.us>
Date: Fri, 3 Jul 2020 10:35:01 -0400
Subject: [PATCH] Updated Mitre Reference - T1096

---
 yml/OSBinaries/Certutil.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/yml/OSBinaries/Certutil.yml b/yml/OSBinaries/Certutil.yml
index db1e9a8..11fc80d 100644
--- a/yml/OSBinaries/Certutil.yml
+++ b/yml/OSBinaries/Certutil.yml
@@ -25,8 +25,8 @@ Commands:
     Usecase: Download file from Internet and save it in an NTFS Alternate Data Stream
     Category: ADS
     Privileges: User
-    MitreID: T1105
-    MitreLink: https://attack.mitre.org/wiki/Technique/T1105
+    MitreID: T1096
+    MitreLink: https://attack.mitre.org/techniques/T1096
     OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
   - Command: certutil -encode inputFileName encodedOutputFileName
     Description: Command to encode a file using Base64