security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generated docs from job=generate-docs branch=master [ci skip]

Browse Source
This commit is contained in:
Atomic Red Team doc generator
2022-08-22 14:53:14 +00:00
parent c020e66a8f
commit 7d663aee1b
2 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/Indexes/index.yaml
-3
View File
@@ -10937,7 +10937,6 @@ defense-evasion:
executor:
command: |
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:"$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" "PathToAtomicsFolder\T1574.008\bin\calc.cs"
Copy-Item "PathToAtomicsFolder\T1574.008\bin\Calc.exe" -Destination "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe"
Powershell -noprofile
cleanup_command: |
Remove-Item "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" -ErrorAction Ignore
@@ -31995,7 +31994,6 @@ privilege-escalation:
executor:
command: |
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:"$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" "PathToAtomicsFolder\T1574.008\bin\calc.cs"
Copy-Item "PathToAtomicsFolder\T1574.008\bin\Calc.exe" -Destination "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe"
Powershell -noprofile
cleanup_command: |
Remove-Item "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" -ErrorAction Ignore
@@ -52866,7 +52864,6 @@ persistence:
executor:
command: |
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:"$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" "PathToAtomicsFolder\T1574.008\bin\calc.cs"
Copy-Item "PathToAtomicsFolder\T1574.008\bin\Calc.exe" -Destination "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe"
Powershell -noprofile
cleanup_command: |
Remove-Item "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" -ErrorAction Ignore
atomics/T1574.008/T1574.008.md
-1
View File
@@ -35,7 +35,6 @@ https://blog.malwarebytes.com/threat-intelligence/2022/04/colibri-loader-combine
```powershell
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:"$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe" "PathToAtomicsFolder\T1574.008\bin\calc.cs"
Copy-Item "PathToAtomicsFolder\T1574.008\bin\Calc.exe" -Destination "$env:localappdata\Microsoft\WindowsApps\Get-Variable.exe"
Powershell -noprofile
```