From f7b30775a4cb0ce341a3c7436bb879360aaddbef Mon Sep 17 00:00:00 2001 From: Wietze Date: Tue, 16 Nov 2021 14:08:04 +0000 Subject: [PATCH] Odbcconf realign to T1218.008, hh.exe to T1218.001 --- yml/OSBinaries/Hh.yml | 2 +- yml/OSBinaries/Odbcconf.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/yml/OSBinaries/Hh.yml b/yml/OSBinaries/Hh.yml index b8769f8..fcaf79f 100644 --- a/yml/OSBinaries/Hh.yml +++ b/yml/OSBinaries/Hh.yml @@ -16,7 +16,7 @@ Commands: Usecase: Execute process with HH.exe Category: Execute Privileges: User - MitreID: T1202 + MitreID: T1218.001 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 Full_Path: - Path: C:\Windows\System32\hh.exe diff --git a/yml/OSBinaries/Odbcconf.yml b/yml/OSBinaries/Odbcconf.yml index c6a4cf1..7163688 100644 --- a/yml/OSBinaries/Odbcconf.yml +++ b/yml/OSBinaries/Odbcconf.yml @@ -9,14 +9,14 @@ Commands: Usecase: Execute dll file using technique that can evade defensive counter measures Category: Execute Privileges: User - MitreID: T1218 + MitreID: T1218.008 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 - Command: odbcconf /a {REGSVR c:\test\test.dll} Description: Execute DllREgisterServer from DLL specified. Usecase: Execute dll file using technique that can evade defensive counter measures Category: Execute Privileges: User - MitreID: T1218 + MitreID: T1218.008 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10 Full_Path: - Path: C:\Windows\System32\odbcconf.exe
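Review bot: In the Hh.yml hunk, the entry whose MitreID moves from T1202 to T1218.001 carries the Usecase "Execute process with HH.exe", which describes launching a process through hh.exe, while T1218.001 is the Compiled HTML File sub-technique. The commit message has only a subject line, so please state there why this usecase belongs under T1218.001 rather than T1202. The hunk changes a single MitreID line; if Hh.yml has other Commands entries outside the shown context, check that they carry the same ID so the file does not end up with mixed mappings.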
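Review bot: In the Odbcconf.yml hunk, the Description context line of the `odbcconf /a {REGSVR c:\test\test.dll}` entry still reads "DllREgisterServer". Since both entries in this file are being touched anyway, correct it to "DllRegisterServer" in the same change. Both MitreID lines now read T1218.008, so the two entries stay consistent with each other and with the subject line.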