From 68dd3dbf48ba83797262312efd0690edf0d883c4 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator
Date: Fri, 1 Oct 2021 14:33:24 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
---
 atomics/T1548.002/T1548.002.yaml | 8 ++++++++
 atomics/used_guids.txt | 8 ++++++++
 2 files changed, 16 insertions(+)
diff --git a/atomics/T1548.002/T1548.002.yaml b/atomics/T1548.002/T1548.002.yaml
index b3e09bae..6b56812c 100644
--- a/atomics/T1548.002/T1548.002.yaml
+++ b/atomics/T1548.002/T1548.002.yaml
@@ -189,6 +189,7 @@ atomic_tests:
 name: command_prompt
 elevation_required: false
 - name: UACME Bypass Method 23
+ auto_generated_guid: 8ceab7a2-563a-47d2-b5ba-0995211128d7
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -234,6 +235,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 31
+ auto_generated_guid: b0f76240-9f33-4d34-90e8-3a7d501beb15
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -279,6 +281,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 33
+ auto_generated_guid: e514bb03-f71c-4b22-9092-9f961ec6fb03
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -324,6 +327,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 34
+ auto_generated_guid: 695b2dac-423e-448e-b6ef-5b88e93011d6
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -369,6 +373,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 39
+ auto_generated_guid: 56163687-081f-47da-bb9c-7b231c5585cf
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -414,6 +419,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 56
+ auto_generated_guid: 235ec031-cd2d-465d-a7ae-68bab281e80e
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -459,6 +465,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 59
+ auto_generated_guid: dfb1b667-4bb8-4a63-a85e-29936ea75f29
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
@@ -504,6 +511,7 @@ atomic_tests:
 powershell Stop-Process -Name mmc -Force -ErrorAction Ignore
 name: command_prompt
 - name: UACME Bypass Method 61
+ auto_generated_guid: 7825b576-744c-4555-856d-caf3460dc236
 description: |
 Executes User Account Control Bypass according to the methods listed below. Upon successful execution you should see event viewer load and two administrative command prompts.
 Note: The cleanup_command's which kill the spawned cmd and event viewer processes only work if run as admin.
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index 3a27e373..7c03d83e 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -797,3 +797,11 @@ e03ada14-0980-4107-aff1-7783b2b59bb1
 1289f78d-22d2-4590-ac76-166737e1811b
 c943d285-ada3-45ca-b3aa-7cd6500c6a48
 b26a3340-dad7-4360-9176-706269c74103
+8ceab7a2-563a-47d2-b5ba-0995211128d7
+b0f76240-9f33-4d34-90e8-3a7d501beb15
+e514bb03-f71c-4b22-9092-9f961ec6fb03
+695b2dac-423e-448e-b6ef-5b88e93011d6
+56163687-081f-47da-bb9c-7b231c5585cf
+235ec031-cd2d-465d-a7ae-68bab281e80e
+dfb1b667-4bb8-4a63-a85e-29936ea75f29
+7825b576-744c-4555-856d-caf3460dc236