LOLBAS/yml/LOLUtilz/OSBinaries/Psr.yml
2021-10-22 15:20:35 +02:00

24 lines
757 B
YAML

---
Name: Psr.exe
Description: Surveillance
Author: ''
Created: '2018-05-25'
Categories: []
Commands:
- Command: psr.exe /start /gui 0 /output c:\users\user\out.zip
Description: Capture screenshots of the desktop and save them in the target .ZIP file.
- Command: psr.exe /start /maxsc 100 /gui 0 /output c:\users\user\out.zip
Description: Capture a maximum of 100 screenshots of the desktop and save them in the target .ZIP file.
- Command: psr.exe /stop
Description: Stop the Problem Step Recorder.
Full_Path:
- C:\Windows\System32\Psr.exe
- C:\Windows\SysWOW64\Psr.exe
Code_Sample: []
Detection: []
Resources:
- https://www.sans.org/summit-archives/file/summit-archive-1493861893.pdf
Acknowledgement:
- Person: ''
- Handle: ''