Updates for ATT&CK v17

2025-05-09 23:04:09 +02:00 · 2025-04-26 20:23:10 +01:00 · 2025-04-26 20:23:10 +01:00 · e15a9c3e27
commit e15a9c3e27
parent 7dbdad68e9
3 changed files with 3 additions and 3 deletions
--- a/yml/HonorableMentions/Code.yml
+++ b/yml/HonorableMentions/Code.yml
@ -9,7 +9,7 @@ Commands:
    Usecase: Reverse PowerShell session over MS provided infrastructure.
    Category: Execute
    Privileges: User
-    MitreID: T1219
+    MitreID: T1219.001
    OperatingSystem: Windows 10, Windows 11
 Full_Path:
  - Path: 'C:\Users\<username>\AppData\Local\Programs\Microsoft VS Code\Code.exe'
--- a/yml/OSBinaries/Dfsvc.yml
+++ b/yml/OSBinaries/Dfsvc.yml
@ -9,7 +9,7 @@ Commands:
    Usecase: Use binary to bypass Application whitelisting
    Category: AWL Bypass
    Privileges: User
-    MitreID: T1127
+    MitreID: T1127.002
    OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
    Tags:
      - Execute: ClickOnce
--- a/yml/OSLibraries/Dfshim.yml
+++ b/yml/OSLibraries/Dfshim.yml
@ -9,7 +9,7 @@ Commands:
    Usecase: Use binary to bypass Application whitelisting
    Category: AWL Bypass
    Privileges: User
-    MitreID: T1127
+    MitreID: T1127.002
    OperatingSystem: Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11
    Tags:
      - Execute: ClickOnce