public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 12:42:19 +02:00
Code Issues Projects Releases Wiki Activity

Adding file paths (#416)

Browse Source
This commit is contained in:
ciwen3
2025-01-14 07:12:42 -08:00
committed by GitHub
parent b9a6cd6a87
commit e62749f81a
5 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
yml/OSBinaries/msedgewebview2.yml
View File

@@ -42,6 +42,7 @@ Commands:
- Execute: CMD
Full_Path:
- Path: C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.43\msedgewebview2.exe
- Path: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.70\msedgewebview2.exe
Detection:
- Sigma: https://github.com/SigmaHQ/sigma/blob/e1a713d264ac072bb76b5c4e5f41315a015d3f41/rules/windows/process_creation/proc_creation_win_susp_electron_execution_proxy.yml
- IOC: 'msedgewebview2.exe spawned with any of the following: --gpu-launcher, --utility-cmd-prefix, --renderer-cmd-prefix, --browser-subprocess-path'