From de5e865929fec8ae0137991639a4eebbab9fa89b Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator <email>
Date: Fri, 18 Mar 2022 20:03:18 +0000
Subject: [PATCH] Generate docs from job=generate_and_commit_guids_and_docs
 branch=master [skip ci]

---
 atomics/Indexes/index.yaml | 2 +-
 atomics/T1112/T1112.md     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 5423cc2f..a99d8565 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -32103,7 +32103,7 @@ defense-evasion:
       - windows
       executor:
         command: 'reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
-          /v StartMenuLogOff /t REG_DWORD /d 1 /f
+          /v NoTrayContextMenu /t REG_DWORD /d 1 /f
 
 '
         cleanup_command: 'reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
diff --git a/atomics/T1112/T1112.md b/atomics/T1112/T1112.md
index 1b235756..7777c1a3 100644
--- a/atomics/T1112/T1112.md
+++ b/atomics/T1112/T1112.md
@@ -908,7 +908,7 @@ See how ransomware abuses this technique- https://www.virustotal.com/gui/file/2d
 
 
 ```cmd
-reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v StartMenuLogOff /t REG_DWORD /d 1 /f
+reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoTrayContextMenu /t REG_DWORD /d 1 /f
 ```
 
 #### Cleanup Commands: