From eb9dfdee1791c9749a533b9b0af24a99e00ceccf Mon Sep 17 00:00:00 2001
From: hegusung <7390383+hegusung@users.noreply.github.com>
Date: Sun, 13 Oct 2024 18:27:37 +0200
Subject: [PATCH] Update Shell32.yml Tags

Added Tags:
Execute EXE
Execute CMD
---
 yml/OSLibraries/Shell32.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/yml/OSLibraries/Shell32.yml b/yml/OSLibraries/Shell32.yml
index 97e10ab..4848867 100644
--- a/yml/OSLibraries/Shell32.yml
+++ b/yml/OSLibraries/Shell32.yml
@@ -20,6 +20,8 @@ Commands:
     Privileges: User
     MitreID: T1218.011
     OperatingSystem: Windows 10, Windows 11
+    Tags:
+      - Execute: EXE
   - Command: rundll32 SHELL32.DLL,ShellExec_RunDLL "cmd.exe" "/c echo hi"
     Description: Launch command line by calling the ShellExec_RunDLL function.
     Usecase: Run an executable payload.
@@ -27,6 +29,8 @@ Commands:
     Privileges: User
     MitreID: T1218.011
     OperatingSystem: Windows 10, Windows 11
+    Tags:
+      - Execute: CMD
 Full_Path:
   - Path: c:\windows\system32\shell32.dll
   - Path: c:\windows\syswow64\shell32.dll