Skip to content

Commit e187928

Browse files
github-actions[bot]github-actions[bot]
committed
1 parent bbf3f75 commit e187928

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

_lolbas/OtherMSBinaries/Sqldumper.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ Commands:
2121
Full_Path:
2222
- Path: C:\Program Files\Microsoft SQL Server\90\Shared\SQLDumper.exe
2323
- Path: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Analysis\AS OLEDB\140\SQLDumper.exe
24+
- Path: C:\Program Files\Microsoft Power BI Desktop\bin\SqlDumper.exe
2425
Detection:
2526
- Sigma: https://github.com/SigmaHQ/sigma/blob/683b63f8184b93c9564c4310d10c571cbe367e1e/rules/windows/process_creation/proc_creation_win_lolbin_susp_sqldumper_activity.yml
2627
- Elastic: https://github.com/elastic/detection-rules/blob/f6421d8c534f295518a2c945f530e8afc4c8ad1b/rules/windows/credential_access_lsass_memdump_file_created.toml

0 commit comments

Comments
 (0)