From bc58497c1a1d31a566daf9e0afff5dfa4b722ca4 Mon Sep 17 00:00:00 2001 From: Conor Richard Date: Fri, 6 Oct 2023 22:01:49 -0400 Subject: [PATCH] Update Mofcomp.yml Fixing more YAML errors --- yml/OSBinaries/Mofcomp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/yml/OSBinaries/Mofcomp.yml b/yml/OSBinaries/Mofcomp.yml index dfa7e04..db61e83 100644 --- a/yml/OSBinaries/Mofcomp.yml +++ b/yml/OSBinaries/Mofcomp.yml @@ -7,14 +7,14 @@ Commands: - Command: mofcomp.exe C:\Windows\SERVIC~1\MSSQL$~1\AppData\Local\Temp\xitmf Description: Abuse of mofcomp.exe to parse a file which contains MOF statements in order create new classes as part of the WMI repository Usecase: Threat actors can use mofcomp.exe to decompile a BMOF binary and then register a malicious class in the WMI repository - Category: Execution and Persistence + Category: Execution Privileges: User MitreID: T1047 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11 & Windows Server 2008 and above - Command: mofcomp.exe C:\Programdata\x.mof Description: Abuse of mofcomp.exe to parse a file which contains MOF statements in order create new classes as part of the WMI repository Usecase: Threat actors can use mofcomp.exe to decompile a BMOF binary and then register a malicious class in the WMI repository - Category: Execution and Persistence + Category: Execution Privileges: User MitreID: T1047 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11 & Windows Server 2008 and above
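Review bot: In both Command entries the Category loses "Persistence", yet the unchanged Usecase lines still say the tool is used to "register a malicious class in the WMI repository", so the entry now describes a persistence-style use that its Category no longer reflects. If the intent is that the schema accepts only one Category value per command, state that in the commit message, which currently says only "Fixing more YAML errors", and check that Category: Execution together with MitreID: T1047 is the classification you want for both entries. Two smaller points on the context lines while this block is being touched: the Description reads "in order create new classes" and is missing "to", and the two entries carry identical Description and Usecase text, differing only in the file path, so the second entry would benefit from wording that says what distinguishes it.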