Removing blank lines

This commit is contained in:
Filipe Spencer Lopes 2021-03-09 15:00:55 +01:00
parent b0a321e4c4
commit ff9f5cff3d
7 changed files with 2 additions and 7 deletions

View File

@ -15,4 +15,3 @@ Detection: []
Resources: Resources:
- https://twitter.com/bohops/status/986984122563391488 - https://twitter.com/bohops/status/986984122563391488
Notes: Thanks to Jimmy - @bohops Notes: Thanks to Jimmy - @bohops

View File

@ -23,4 +23,3 @@ Resources:
- https://attack.mitre.org/wiki/Technique/T1128 - https://attack.mitre.org/wiki/Technique/T1128
- https://twitter.com/teemuluotio/status/990532938952527873 - https://twitter.com/teemuluotio/status/990532938952527873
Notes: '' Notes: ''

View File

@ -17,4 +17,3 @@ Detection: []
Resources: Resources:
- https://twitter.com/harr0ey/status/991670870384021504 - https://twitter.com/harr0ey/status/991670870384021504
Notes: Thanks to Matt harr0ey - @harr0ey Notes: Thanks to Matt harr0ey - @harr0ey

View File

@ -15,4 +15,3 @@ Detection: []
Resources: Resources:
- https://twitter.com/Moriarty_Meng/status/984380793383370752 - https://twitter.com/Moriarty_Meng/status/984380793383370752
Notes: Thanks to Moriarty - @Moriarty_Meng Notes: Thanks to Moriarty - @Moriarty_Meng

View File

@ -19,4 +19,3 @@ Detection: []
Resources: Resources:
- https://www.sans.org/summit-archives/file/summit-archive-1493861893.pdf - https://www.sans.org/summit-archives/file/summit-archive-1493861893.pdf
Notes: 'Thanks to ' Notes: 'Thanks to '

View File

@ -17,4 +17,3 @@ Detection: []
Resources: Resources:
- https://social.technet.microsoft.com/wiki/contents/articles/1073.robocopy-and-a-few-examples.aspx - https://social.technet.microsoft.com/wiki/contents/articles/1073.robocopy-and-a-few-examples.aspx
Notes: Thanks to Name of guy - @twitterhandle Notes: Thanks to Name of guy - @twitterhandle

View File

@ -3,6 +3,7 @@ Name: Update.exe
Description: Binary to update the existing installed Nuget/squirrel package. Part of Whatsapp installation. Description: Binary to update the existing installed Nuget/squirrel package. Part of Whatsapp installation.
Author: 'Jesus Galvez' Author: 'Jesus Galvez'
Created: '2020-11-01' Created: '2020-11-01'
Commands:
- Command: Update.exe --processStart payload.exe --process-start-args "whatever args" - Command: Update.exe --processStart payload.exe --process-start-args "whatever args"
Description: Copy your payload into "%localappdata%\Whatsapp\app-[version]\". Then run the command. Update.exe will execute the file you copied. Description: Copy your payload into "%localappdata%\Whatsapp\app-[version]\". Then run the command. Update.exe will execute the file you copied.
Usecase: Execute binary Usecase: Execute binary
@ -14,5 +15,5 @@ Created: '2020-11-01'
Full_Path: Full_Path:
- Path: '%localappdata%\Whatsapp\Update.exe' - Path: '%localappdata%\Whatsapp\Update.exe'
Detection: Detection:
- IOC: "%localappdata%\Whatsapp\Update.exe" spawned an unknown process - IOC: '"%localappdata%\Whatsapp\Update.exe" spawned an unknown process'
--- ---