From 330e495c517edd919d29edd1f43768743496afa7 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator <email>
Date: Fri, 16 Apr 2021 05:23:16 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs
 branch=master [skip ci]

---
 atomics/T1036/T1036.yaml | 1 +
 atomics/used_guids.txt   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/atomics/T1036/T1036.yaml b/atomics/T1036/T1036.yaml
index c62e0656..8f9029d1 100644
--- a/atomics/T1036/T1036.yaml
+++ b/atomics/T1036/T1036.yaml
@@ -2,6 +2,7 @@ attack_technique: T1036
 display_name: "Masquerading"
 atomic_tests:
 - name: System File Copied to Unusual Location
+  auto_generated_guid: 51005ac7-52e2-45e0-bdab-d17c6d4916cd
   description: It may be suspicious seeing a file copy of an EXE in System32 or SysWOW64 to a non-system directory or executing from a non-system directory.
   supported_platforms:
   - windows
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index 9cf8e22d..bfc6bc36 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -672,3 +672,4 @@ f4983098-bb13-44fb-9b2c-46149961807b
 f400d1c0-1804-4ff8-b069-ef5ddd2adbf3
 9d0072c8-7cca-45c4-bd14-f852cfa35cf0
 bfe6ac15-c50b-4c4f-a186-0fc6b8ba936c
+51005ac7-52e2-45e0-bdab-d17c6d4916cd