1 file changed, +11 -0 lines changed
@@ -22,6 +22,15 @@ Commands:
2222 OperatingSystem : Windows 10 (and possibly earlier versions), Windows 11
2323 Tags :
2424 - Execute : DLL
25+ - Command : mmc.exe -Embedding {PATH_ABSOLUTE:.msc}
26+ Description : Download and save an executable to disk
27+ Usecase : Download file from Internet
28+ Category : Download
29+ Privileges : User
30+ MitreID : T1218.014
31+ OperatingSystem : Windows 10 (and possibly earlier versions), Windows 11
32+ Tags :
33+ - Application : GUI
2534Full_Path :
2635 - Path : C:\Windows\System32\mmc.exe
2736 - Path : C:\Windows\SysWOW64\mmc.exe
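Review bot: The Description and Usecase on the new Commands entry ("Download and save an executable to disk", "Download file from Internet") do not follow from the command line shown, `mmc.exe -Embedding {PATH_ABSOLUTE:.msc}`, which only names a local .msc file and carries no URL or output path. Please state in the Description what the .msc file has to contain for a download to happen and where the file is written, and, since the entry is tagged `Application : GUI`, whether user interaction is required. Also confirm that `MitreID : T1218.014` is the intended mapping for an entry whose Category is Download.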
@@ -31,9 +40,11 @@ Detection:
3140Resources :
3241 - Link : https://bohops.com/2018/08/18/abusing-the-com-registry-structure-part-2-loading-techniques-for-evasion-and-persistence/
3342 - Link : https://offsec.almond.consulting/UAC-bypass-dotnet.html
43+ - Link : https://www.youtube.com/watch?v=LFgZOTmhzeA
3444Acknowledgement :
3545 - Person : Jimmy
3646 Handle : ' @bohops'
3747 - Person : clem
3848 Handle : ' @clavoillotte'
49+ - Person : Fredrik H. Brathen
3950---
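Review bot: The new Acknowledgement entry `- Person : Fredrik H. Brathen` has no `Handle` line, while both existing entries carry one; add the handle or confirm the omission is intentional so the list stays consistent. The added Resources link is a bare YouTube URL, so the commit message or the new Description should say what in the video supports the Download use case.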