LOLBAS/yml/OSBinaries/Pnputil.yml

---
Name: Pnputil.exe
Description: used for Install drivers.
Author: Hai vaknin (lux)
Created: 25/12/2020
Commands:
  - Command: pnputil.exe -i -a C:\Users\hai\Desktop\mo.inf
    Description: used for Install drivers
    Usecase: add malicious driver.
    Category: Execution
    Privileges: Administrator
    MitreID: T1215
    MitreLink: https://attack.mitre.org/techniques/T1215
    OperatingSystem: Windows 10,7 
Full_Path:
  - Path: C:\Windows\system32\pnputil.exe
Code_Sample: https://github.com/LuxNoBulIshit/test.inf/blob/main/inf
Acknowledgement:
  - Person: Hai Vaknin(Lux) 
    Handle: 'LuxNoBulIshit'
  - Person: Avihay eldad
    Handle: 'aloneliassaf'
---