mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2024-12-26 14:59:03 +01:00
Adjusted GfxDownloadWrapper
This commit is contained in:
parent
71aec7465b
commit
ecc94c2d09
@ -4,9 +4,9 @@ Description: Remote file download used by the Intel Graphics Control Panel, rece
|
|||||||
Author: Jesus Galvez
|
Author: Jesus Galvez
|
||||||
Created: Jesus Galvez
|
Created: Jesus Galvez
|
||||||
Commands:
|
Commands:
|
||||||
- Command: C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_[0-9]+\GfxDownloadWrapper.exe "<URL>" "<DESTINATION FILE>"
|
- Command: C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_[0-9]+\GfxDownloadWrapper.exe "URL" "DESTINATION FILE"
|
||||||
Description: GfxDownloadWrapper.exe downloads the content that returns <URL> and writes it to the file <DESTINATION FILE PATH>. The binary is signed by "Microsoft Windows Hardware", "Compatibility Publisher", "Microsoft Windows Third Party Component CA 2012", "Microsoft Time-Stamp PCA 2010", "Microsoft Time-Stamp Service".
|
Description: GfxDownloadWrapper.exe downloads the content that returns URL and writes it to the file DESTINATION FILE PATH. The binary is signed by "Microsoft Windows Hardware", "Compatibility Publisher", "Microsoft Windows Third Party Component CA 2012", "Microsoft Time-Stamp PCA 2010", "Microsoft Time-Stamp Service".
|
||||||
Usecase: C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5fc14233495bec91\GfxDownloadWrapper.exe "http://127.0.0.1:8005" "%temp%\test"
|
Usecase: Download file from internet
|
||||||
Category: Download
|
Category: Download
|
||||||
Privileges: User
|
Privileges: User
|
||||||
MitreID: T1105
|
MitreID: T1105
|
||||||
|
Loading…
Reference in New Issue
Block a user