[New WTFBin]: OpenVAS runs WMIExec

[mttaggart]

• Contributor Name: Taggart
• Application/Executable: Greenbone OpenVAS Vulnerability scanner
• WTF Behavior Description:

When connecting to Windows hosts, OpenVAS will run impacket-wmiexec against the host. The resulting events look identical to a secretsdump run that you'd hunt for.

• Link to Documentation of Behavior: https://github.com/greenbone/openvas-scanner/blob/308cefe338df888814b735d11302f4b7e258bdc3/nasl/nasl_smb.c#L367
• Please provide any images for additional evidence.