From 0e2c45bc4ad8d9cef1a6089cb43a85381eb85ae7 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator
Date: Mon, 7 Feb 2022 15:30:15 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
---
 atomics/T1546.015/T1546.015.yaml | 1 +
 atomics/used_guids.txt | 1 +
 2 files changed, 2 insertions(+)
diff --git a/atomics/T1546.015/T1546.015.yaml b/atomics/T1546.015/T1546.015.yaml
index 1d8e0d1a..de7f79c0 100644
--- a/atomics/T1546.015/T1546.015.yaml
+++ b/atomics/T1546.015/T1546.015.yaml
@@ -2,6 +2,7 @@ attack_technique: T1546.015
 display_name: 'Event Triggered Execution: Component Object Model Hijacking'
 atomic_tests:
 - name: COM Hijacking - InprocServer32
+ auto_generated_guid: 48117158-d7be-441b-bc6a-d9e36e47b52b
 description: |-
 This test uses PowerShell to hijack a reference to a Component Object Model by creating registry values under InprocServer32 key in the HKCU hive then calling the Class ID to be executed via rundll32.exe.
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index 10a83522..ac7f6a22 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -860,3 +860,4 @@ a6a5ec26-a2d1-4109-9d35-58b867689329
 a0bced08-3fc5-4d8b-93b7-e8344739376e
 ae3a8605-b26e-457c-b6b3-2702fd335bac
 4449c89b-ec82-43a4-89c1-91e2f1abeecc
+48117158-d7be-441b-bc6a-d9e36e47b52b