From edf0105284abd47530d3bed3e125b616ea7577e6 Mon Sep 17 00:00:00 2001 From: hegusung <7390383+hegusung@users.noreply.github.com> Date: Sun, 13 Oct 2024 21:43:38 +0200 Subject: [PATCH] Update Coregen.yml Tags Added Execute: DLL tag --- yml/OtherMSBinaries/Coregen.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/yml/OtherMSBinaries/Coregen.yml b/yml/OtherMSBinaries/Coregen.yml index b2fb1f7..7bbacc2 100644 --- a/yml/OtherMSBinaries/Coregen.yml +++ b/yml/OtherMSBinaries/Coregen.yml @@ -20,6 +20,8 @@ Commands: Privileges: User MitreID: T1055 OperatingSystem: Windows + Tags: + - Execute: DLL - Command: coregen.exe /L C:\folder\evil.dll dummy_assembly_name Description: Loads the target .DLL in arbitrary path specified with /L. Since binary is signed it can also be used to bypass application whitelisting solutions. Usecase: Execute DLL code
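Review bot: the new `Execute: DLL` tag is attached only to the entry that ends at `OperatingSystem: Windows`, while the next entry visible in the trailing context, `coregen.exe /L C:\folder\evil.dll dummy_assembly_name` with `Usecase: Execute DLL code`, also loads a DLL and gets nothing from this patch (2 insertions in total). The hunk does not show whether that second entry already carries a `Tags:` block further down. If it does not, add the same `Tags:` / `- Execute: DLL` pair after its `OperatingSystem:` line so that anyone filtering the catalogue by tag, for example to build application-control or detection coverage for DLL-loading binaries, sees both Coregen commands. It is also worth confirming that `Tags:` sits at the same indentation as `MitreID:` and `OperatingSystem:` within the command entry, with the `- Execute: DLL` item nested beneath it, because a mis-indented key would either break the YAML or attach the tag to the wrong level.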