From f1fe392c2605760a9f5cc8f4d72092c141bef41f Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team GUID generator
Date: Wed, 30 Mar 2022 20:04:09 +0000
Subject: [PATCH] Generate GUIDs from job=generate_and_commit_guids_and_docs branch=master [skip ci]
---
 atomics/T1562.001/T1562.001.yaml | 1 +
 atomics/used_guids.txt | 1 +
 2 files changed, 2 insertions(+)
diff --git a/atomics/T1562.001/T1562.001.yaml b/atomics/T1562.001/T1562.001.yaml
index 1af40a96..f0a76542 100644
--- a/atomics/T1562.001/T1562.001.yaml
+++ b/atomics/T1562.001/T1562.001.yaml
@@ -575,6 +575,7 @@ atomic_tests:
 name: powershell
 elevation_required: true
 - name: Disable Windows Defender Tamper Protection
+ auto_generated_guid: 5fde6578-9419-46ef-9258-269dc8656c3e
 description: Disabling Windows Defender tamper protection to allow attacks such as [Process Doppleganging](https://medium.com/cyber-unbound/process-doppelg%C3%A4nging-684bdd6b760f). Tamper Protection will be disabled after the next reboot.
 supported_platforms:
 - windows
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index dbb6c906..bfcf584f 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
@@ -942,3 +942,4 @@ dcb6cdee-1fb0-4087-8bf8-88cfd136ba51
 56506854-89d6-46a3-9804-b7fde90791f9
 88b81702-a1c0-49a9-95b2-2dd53d755767
 fb8d4d7e-f5a4-481c-8867-febf13f8b6d3
+5fde6578-9419-46ef-9258-269dc8656c3e