Closed aldo1901 closed 3 years ago
I just ran this test on a local Windows 10 Pro build 19041 and it was successful. Were you running this against a remote host or local?
There was a problem with the prereq command where it would download some HTML instead of the gup executable. I just addressed this in PR #1346. If you delete gup.exe from the bin directory of this test and download it with the new prereq command or manually, it should resolve the issue.
What did you do?
Executed Atomic Test T1574.002 - Hijack Execution Flow: DLL Side-Loading via invoke-atomic-redteam
What did you expect to happen?
The atomic test executes and calc.exe is launched.
What happened instead?
This version of C:\Users\test\AppData\Local\Temp\AtomicRedTeam\T1574.002\bin\GUP.exe is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher.
Your Environment
Maybe not a "problem". Just looking to see what version that GUP package is expecting. I was able to successfully run the test by using the .dll provided by atomics but using the latest WinGUp.
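The prereq problem mentioned in this thread (HTML saved in place of the gup executable) can be caught before a test runs by checking the downloaded file's header. The following is an added example, not part of the issue or of Atomic Red Team's code; the function names and sample bytes are constructed for illustration.

```python
import struct
import sys

# Machine field values from the PE/COFF specification.
MACHINES = {0x014C: "x86", 0x8664: "x64", 0xAA64: "arm64"}


def classify_download(data: bytes) -> str:
    """Classify downloaded bytes as 'html', 'pe-<arch>' or 'unknown'."""
    # Skip a UTF-8 BOM and leading whitespace before looking for markup.
    head = data[:512].lstrip(b"\xef\xbb\xbf \t\r\n").lower()
    if head.startswith((b"<!doctype html", b"<html")):
        return "html"
    # DOS header: 'MZ' magic, with e_lfanew (PE header offset) at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "unknown"
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if pe_off + 6 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        return "unknown"
    # The COFF Machine field follows the 4-byte PE signature.
    (machine,) = struct.unpack_from("<H", data, pe_off + 4)
    return "pe-" + MACHINES.get(machine, hex(machine))


def sample_pe(machine: int) -> bytes:
    """Constructed minimal image: DOS header, PE signature, COFF header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    return bytes(dos) + b"PE\0\0" + struct.pack("<H", machine) + bytes(18)


if __name__ == "__main__":
    # Usage: python check_download.py <path-to-downloaded-file> ...
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, classify_download(fh.read()))
```

A result of `html` or `unknown` for a file named gup.exe means the download should be deleted and fetched again.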