From 82729bc3bc88ce54cdcdacf9eb7a0df41cdbc3bd Mon Sep 17 00:00:00 2001 From: Atomic Red Team GUID generator Date: Fri, 1 Mar 2024 19:23:17 +0000 Subject: [PATCH] Generate GUIDs from job=generate-docs branch=master [skip ci] --- atomics/T1542.001/T1542.001.yaml | 1 + atomics/used_guids.txt | 1 + 2 files changed, 2 insertions(+) diff --git a/atomics/T1542.001/T1542.001.yaml b/atomics/T1542.001/T1542.001.yaml index 309b463b..4f0a334a 100644 --- a/atomics/T1542.001/T1542.001.yaml +++ b/atomics/T1542.001/T1542.001.yaml @@ -2,6 +2,7 @@ attack_technique: T1542.001 display_name: "Pre-OS Boot: System Firmware" atomic_tests: - name: UEFI Persistence via Wpbbin.exe File Creation + auto_generated_guid: b8a49f03-e3c4-40f2-b7bb-9e8f8fdddbf1 description: | Creates Wpbbin.exe in %systemroot%. This technique can be used for UEFI-based pre-OS boot persistence mechanisms. - https://grzegorztworek.medium.com/using-uefi-to-inject-executable-files-into-bitlocker-protected-drives-8ff4ca59c94c diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt index dd8218da..379d7507 100644 --- a/atomics/used_guids.txt +++ b/atomics/used_guids.txt @@ -1576,3 +1576,4 @@ a9b93f17-31cb-435d-a462-5e838a2a6026 3b0df731-030c-4768-b492-2a3216d90e53 424e18fd-48b8-4201-8d3a-bf591523a686 f095e373-b936-4eb4-8d22-f47ccbfbe64a +b8a49f03-e3c4-40f2-b7bb-9e8f8fdddbf1