From f1a7ad92dd00dd63fd9ef8aa0106e5212dbfcec4 Mon Sep 17 00:00:00 2001
From: bohops <jimmy@jbtech.us>
Date: Fri, 3 Jul 2020 10:24:34 -0400
Subject: [PATCH] Changed privilege level for registration

---
 yml/OSBinaries/Regsvcs.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/yml/OSBinaries/Regsvcs.yml b/yml/OSBinaries/Regsvcs.yml
index a89ca2e..d164ef2 100644
--- a/yml/OSBinaries/Regsvcs.yml
+++ b/yml/OSBinaries/Regsvcs.yml
@@ -8,7 +8,7 @@ Commands:
     Description: Loads the target .DLL file and executes the RegisterClass function.
     Usecase: Execute dll file and bypass Application whitelisting
     Category: Execute
-    Privileges: User
+    Privileges: Local Admin
     MitreID: T1121
     MitreLink: https://attack.mitre.org/wiki/Technique/T1121
     OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
@@ -34,4 +34,4 @@ Resources:
 Acknowledgement:
   - Person: Casey Smith
     Handle: '@subtee'
----
\ No newline at end of file
+---