security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generated docs from job=generate-docs branch=master [ci skip]

Browse Source
This commit is contained in:
Atomic Red Team doc generator
2023-01-10 00:02:55 +00:00
parent f4afd9ccf5
commit 5a23718c06
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/Indexes/index.yaml
+2 -2
View File
@@ -101994,8 +101994,8 @@ initial-access:
- name: Word spawned a command shell and used an IP address in the command line
auto_generated_guid: cbb6799a-425c-4f83-9194-5447a909d67f
description: |
Word spawning a command prompt then running a command with an IP address in the command line is an indiciator of malicious activity.
Upon execution, CMD will be lauchned and ping 8.8.8.8
Word spawning a command prompt then running a command with an IP address in the command line is an indicator of malicious activity.
Upon execution, CMD will be launched and ping 8.8.8.8.
supported_platforms:
- windows
input_arguments:
atomics/T1566.001/T1566.001.md
+2 -2
View File
@@ -49,8 +49,8 @@ Remove-Item $env:TEMP\PhishingAttachment.xlsm -ErrorAction Ignore
<br/>
## Atomic Test #2 - Word spawned a command shell and used an IP address in the command line
Word spawning a command prompt then running a command with an IP address in the command line is an indiciator of malicious activity.
Upon execution, CMD will be lauchned and ping 8.8.8.8
Word spawning a command prompt then running a command with an IP address in the command line is an indicator of malicious activity.
Upon execution, CMD will be launched and ping 8.8.8.8.
**Supported Platforms:** Windows