From 9a96b554e5d8161356540c7ba3b9b8eb4013ff0e Mon Sep 17 00:00:00 2001
From: giMini <pabraeken@gmail.com>
Date: Wed, 9 May 2018 21:47:46 -0400
Subject: [PATCH] Create Syssetup.md

---
 OSLibraries/Syssetup.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 OSLibraries/Syssetup.md

diff --git a/OSLibraries/Syssetup.md b/OSLibraries/Syssetup.md
new file mode 100644
index 0000000..0cb142d
--- /dev/null
+++ b/OSLibraries/Syssetup.md
@@ -0,0 +1,30 @@
+## Syssetup.dll
+
+* Functions: Execute
+
+```
+rundll32 syssetup,SetupInfObjectInstallAction DefaultInstall 128 c:\temp\calc.INF
+```
+
+Acknowledgements:
+* Pierre-Alexandre Braeken - @pabraeken
+
+Code sample:
+* 
+
+Resources:
+* https://twitter.com/pabraeken/status/994392481927258113
+
+Full path:
+```
+c:\windows\system32\Syssetup.dll
+c:\windows\sysWOW64\Syssetup.dll
+```
+
+Notes:
+
+
+
+Detection:
+
+