Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]

atomics/T1219/T1219.md

@@ -18,6 +18,8 @@ Admin tools such as TeamViewer have been used by several groups targeting instit
 
 - [Atomic Test #5 - ScreenConnect Application Download and Install on Windows](#atomic-test-5---screenconnect-application-download-and-install-on-windows)
 
+- [Atomic Test #6 - Ammyy Admin Software Execution](#atomic-test-6---ammyy-admin-software-execution)
+
 
 <br/>
 
@@ -198,4 +200,54 @@ msiexec /x $installer /qn
 
 
 
+<br/>
+<br/>
+
+## Atomic Test #6 - Ammyy Admin Software Execution
+An adversary may attempt to trick the user into downloading Ammyy Admin Remote Desktop Software for use as a C2 channel. 
+Upon successful execution, Ammyy Admin will be executed.
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** 0ae9e327-3251-465a-a53b-485d4e3f58fa
+
+
+
+
+
+#### Inputs:
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| Ammyy_Admin_Path | Path of Ammyy Admin executable | Path | $env:temp&#92;ammyy.exe|
+
+
+#### Attack Commands: Run with `powershell`!  Elevation Required (e.g. root or admin) 
+
+
+```powershell
+Start-Process #{Ammyy_Admin_Path}
+```
+
+#### Cleanup Commands:
+```powershell
+Stop-Process -Name "Ammyy" -force -erroraction silentlycontinue
+```
+
+
+
+#### Dependencies:  Run with `powershell`!
+##### Description: Ammyy Admin must exist on disk at the specified location (#{Ammyy_Admin_Path})
+##### Check Prereq Commands:
+```powershell
+if (Test-Path #{Ammyy_Admin_Path}) {exit 0} else {exit 1}
+```
+##### Get Prereq Commands:
+```powershell
+Start-BitsTransfer -Source "https://web.archive.org/web/20140625232737/http://www.ammyy.com/AA_v3.exe" -Destination "$env:temp\ammyy.exe" -dynamic
+```
+
+
+
+
 <br/>