Nterl0k - Goot Loader Malware w/ Partial TTPs

[nterl0k]

Upload for incoming detection builds.

[patel-bhavin]

@nterl0k : Hello, thank you for the PR. Can you add a yml file in the partial_ttps directory describing the data, how it was generated?
Also, it looks like the .log file was directly committed into the branch. Upload these dataset files via git lfs?
Eg: https://github.com/splunk/attack_data/blob/master/datasets/attack_techniques/T1003.001/atomic_red_team/atomic_red_team.yml

[nterl0k]

Can do, didn't realize we still needed the description ymls. I'll craft one and upload shortly.

…

________________________________ From: Bhavin Patel ***@***.***> Sent: Tuesday, July 11, 2023 11:16 AM To: splunk/attack_data ***@***.***> Cc: Steven Dick ***@***.***>; Mention ***@***.***> Subject: Re: [splunk/attack_data] Nterl0k - Goot Loader Malware w/ Partial TTPs (PR #817) @nterl0k<https://github.com/nterl0k> : Hello, thank you for the PR. Can you add a yml file in the partial_ttps describing the data, how it was generated? Eg: https://github.com/splunk/attack_data/blob/master/datasets/attack_techniques/T1003.001/atomic_red_team/atomic_red_team.yml — Reply to this email directly, view it on GitHub<#817 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AJIYP7UV4NGXBMZYNDSNV3LXPVU4FANCNFSM6AAAAAAZIJPYIM>. You are receiving this because you were mentioned.Message ID: ***@***.***>

[nterl0k]

yml added, edit/update as you need to.

[patel-bhavin]

perfect! this is great. thank you for being so prompt! @nterl0k