infosecn1nja
/
MaliciousMacroGenerator
mirror of https://github.com/infosecn1nja/MaliciousMacroGenerator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create wmi-cmd-evasion-process.json

patch-1
Mr.Un1k0d3r 2017-08-03 14:41:07 -04:00 committed by GitHub
parent 7b04db48fa
commit 6c7c3c965b
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
configs/wmi-cmd-evasion-process.json Normal file
View File

@ -0,0 +1,13 @@
{
"description": "Command exec payload using WMI Win32_Process class\nEvasion technique set to check running process",
"template": "templates/payloads/wmi-evasion-process-template.vba",
"varcount": 150,
"encodingoffset": 4,
"chunksize": 200,
"encodedvars": {
"PROCESS_NAME":"outlook.exe"
},
"vars": [],
"evasion": ["encoder", "process"],
"payload": "cmd.exe /c whoami"
}