From d7586605594bd1685e4c2d34267629bc51cedef3 Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator
Date: Tue, 5 Apr 2022 15:59:31 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
---
 atomics/T1562.001/T1562.001.yaml | 1 +
 atomics/used_guids.txt | 1 +
 2 files changed, 2 insertions(+)
diff --git a/atomics/T1562.001/T1562.001.yaml b/atomics/T1562.001/T1562.001.yaml
index 486a1f61..116aa7af 100644
--- a/atomics/T1562.001/T1562.001.yaml
+++ b/atomics/T1562.001/T1562.001.yaml
@@ -586,6 +586,7 @@ atomic_tests:
 cleanup_command: Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Feature' -name 'TamperData' -value 1
 name: powershell
 - name: Disable Defender Using NirSoft AdvancedRun
+ auto_generated_guid: 81ce22fd-9612-4154-918e-8a1f285d214d
 description: |
 Information on NirSoft AdvancedRun and its creators found here: http://www.nirsoft.net/utils/advanced_run.html
 This Atomic will run AdvancedRun.exe with similar behavior identified during the WhisperGate campaign.
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index 97ca968b..62fffd90 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -949,3 +949,4 @@ c173c948-65e5-499c-afbe-433722ed5bd4
 ca20a3f1-42b5-4e21-ad3f-1049199ec2e0
 9c2dd36d-5c8b-4b29-8d72-a11b0d5d7439
 4b437357-f4e9-4c84-9fa6-9bcee6f826aa
+81ce22fd-9612-4154-918e-8a1f285d214d