Merge pull request #1 from sansan-monkey/sansan-monkey-patch-1

Update New technique T1547.001.yaml
redcanaryco · Jan 3, 2025 · 8d51cf7 · 8d51cf7
2 parents cda084c + d3f39d1
commit 8d51cf7
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/atomics/T1547.001/T1547.001.yaml b/atomics/T1547.001/T1547.001.yaml
@@ -423,6 +423,7 @@ atomic_tests:
   supported_platforms:
   - windows
   executor:
-    command: |
-      reg add "HKEY_CLASSES_ROOT\Directory\Background\shell\Size Modify\command" /ve /t REG_SZ /d "C:\Windows\System32\calc.exe" /f
+    command: reg add "HKEY_CLASSES_ROOT\Directory\Background\shell\Size Modify\command" /ve /t REG_SZ /d "C:\Windows\System32\calc.exe" /f
     cleanup_command: reg delete "HKEY_CLASSES_ROOT\Directory\Background\shell\Size Modify" /f
+    name: command_prompt
+    elevation_required: true