---
Name: Binary.exe
Description: Something general about the binary
Author: The name of the person that created this file
Created: YYYY-MM-DD (date the person created this file)
Commands:
  - Command: The command
    Description: Description of the command
    Usecase: A description of the usecase
    Category: Execute
    Privileges: Required privs
    MitreID: T1055
    OperatingSystem: Windows 10 1803, Windows 10 1703
  - Command: The second command
    Description: Description of the second command
    Usecase: A description of the usecase
    Category: AWL Bypass
    Privileges: Required privs
    MitreID: T1033
    OperatingSystem: Windows 10 All
Full_Path:
  - Path: c:\windows\system32\bin.exe
  - Path: c:\windows\syswow64\bin.exe
Code_Sample:
  - Code: http://url.com/git.txt
Detection:
  - IOC: Event ID 10
  - IOC: binary.exe spawned
  - Analysis: https://link/to/blog/gist/writeup/if/applicable
  - Sigma: https://link/to/sigma/rule/if/applicable
  - Elastic: https://link/to/elastic/rule/if/applicable
  - Splunk: https://link/to/splunk/rule/if/applicable
  - BlockRule: https://link/to/microsoft/block/rules/if/applicable
Resources:
  - Link: http://blogpost.com
  - Link: http://twitter.com/something
  - Link: Threatintelreport...
Acknowledgement:
  - Person: John Doe
    Handle: '@johndoe'
  - Person: Ola Norman
    Handle: '@olaNor'