redcanaryco / surveyor

A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.

Update: system-utils definition file #59

Closed pmichaudrc closed 1 year ago

pmichaudrc commented 2 years ago

Which category is the feature part of?

Use Cases

Proposal: Update the contents of the system-utils definition file.

Additional context: (none provided — the issue-template placeholder "Add any other context or screenshots about the feature request here." was left in place).

rc-abodkins commented 2 years ago

Proposed contents of the system-utils definition file, carried over from the work done on this in August 2021. Every entry below matches on `process_name` only, so a renamed copy of any of these binaries would not be caught by this definition.

{
    "task scheduler": {
        "process_name": ["schtasks.exe"]
    },
    "services":{
        "process_name": ["sc.exe"]
    },
    "net": {
        "process_name": ["net.exe", "net1.exe"]
    },
    "utilman": {
        "process_name": ["utilman.exe"]
    },
    "vssadmin": {
        "process_name": ["vssadmin.exe"]
    },
    "task_manager":{
        "process_name": ["taskmgr.exe"]
    },
    "wmic": {
        "process_name": ["wmic.exe"]
    },
    "whoami": {
        "process_name": ["whoami.exe"]
    },
    "ping":{
        "process_name": ["ping.exe"]
    },
    "nslookup":{
        "process_name":["nslookup.exe"]
    }, 
    "ipconfig":{
        "process_name":["ipconfig.exe"]
    },
    "netstat":{
        "process_name":["netstat.exe"]
    },
    "Linux Subsystem": {
        "process_name":["wsl.exe"]
    }, 
    "mmc": {
        "process_name": ["mmc.exe"]
    },
    "systeminfo": {
        "process_name": ["systeminfo.exe"]
    },
    "installutil": {
        "process_name": ["installutil.exe"]
    },
    "rundll32": {
        "process_name": ["rundll32.exe"]
    },
    "regsvcs": {
        "process_name": ["regsvcs.exe"]
    },
    "regsvr32":{
        "process_name": ["regsvr32.exe"]
    },
    "registry":{
        "process_name":["regedit.exe", "regini.exe", "reg.exe"]
    }, 
    "findstr":{
        "process_name":["findstr.exe"]
    }, 
    "event viewer":{
        "process_name":["eventvwr.exe"]
    }, 
    "gpupdate":{
        "process_name":["gpupdate.exe"]
    }, 
    "certutil":{
        "process_name":["certutil.exe"]
    }
}