npms

MHaggis · MHaggis · commit 26856c7bbc63 · 2025-11-25T08:35:12.000-07:00
diff --git a/datasets/attack_techniques/T1195.001/npm/npm_supply_chain.yml b/datasets/attack_techniques/T1195.001/npm/npm_supply_chain.yml
@@ -14,4 +14,8 @@ datasets:
 - name: shai_hulud_workflow_sysmon
   path: /datasets/attack_techniques/T1195.001/npm/shai_hulud_workflow_sysmon.log
   sourcetype: sysmon:linux
-  source: Syslog:Linux-Sysmon/Operational
+  source: Syslog:Linux-Sysmon/Operational
+- name: windows_workflow_sysmon
+  path: /datasets/attack_techniques/T1195.001/npm/windows_workflow_sysmon.log
+  sourcetype: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+  source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
diff --git a/datasets/attack_techniques/T1195.001/npm/shai_hulud_workflow_sysmon.log b/datasets/attack_techniques/T1195.001/npm/shai_hulud_workflow_sysmon.log
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:23a4fb324372db0799d122661a62f342f2f5e999e28c8f619c0d003ba0c6715a
-size 17001
+oid sha256:07d7235f1a63513ddb92fe8fb7d45e4f1afcdb90e0b5e8381aeb2f0847447980
+size 21532
diff --git a/datasets/attack_techniques/T1195.001/npm/windows_workflow_sysmon.log b/datasets/attack_techniques/T1195.001/npm/windows_workflow_sysmon.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7d97125aa89a44a943604a166b58c8852d95f44d30fa0309cb3d92f2c6c8d6ca
+size 13192

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:7d97125aa89a44a943604a166b58c8852d95f44d30fa0309cb3d92f2c6c8d6ca`
	`3`	`+size 13192`