From 935d69c8e56b89fb3f515c7291643748a5a79e44 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator <email>
Date: Mon, 21 Oct 2019 21:04:31 +0000
Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs
 branch=master

---
 atomics/T1037/T1037.md |  6 ++++--
 atomics/index.yaml     | 24 ++++++++++++++++--------
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/atomics/T1037/T1037.md b/atomics/T1037/T1037.md
index 697ea544..6e168502 100644
--- a/atomics/T1037/T1037.md
+++ b/atomics/T1037/T1037.md
@@ -33,11 +33,13 @@ Added Via Reg.exe
 #### Run it with `command_prompt`! 
 ```
 REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ /d "#{script_command}"
-REM cleanup command below.
-REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript /f
 ```
 
 
+#### Cleanup Commands:
+```
+REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript /f
+```
 
 <br/>
 <br/>
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 16105d06..fa2951fd 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -2675,10 +2675,14 @@ persistence:
       executor:
         name: command_prompt
         elevation_required: false
-        command: |
-          REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ /d "#{script_command}"
-          REM cleanup command below.
-          REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript /f
+        command: 'REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ
+          /d "#{script_command}"
+
+'
+        cleanup_command: 'REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript
+          /f
+
+'
     - name: Logon Scripts - Mac
       description: 'Mac logon script
 
@@ -19699,10 +19703,14 @@ lateral-movement:
       executor:
         name: command_prompt
         elevation_required: false
-        command: |
-          REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ /d "#{script_command}"
-          REM cleanup command below.
-          REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript /f
+        command: 'REG.exe ADD HKCU\Environment /v UserInitMprLogonScript /t REG_MULTI_SZ
+          /d "#{script_command}"
+
+'
+        cleanup_command: 'REG.exe DELETE HKCU\Environment /v UserInitMprLogonScript
+          /f
+
+'
     - name: Logon Scripts - Mac
       description: 'Mac logon script