rule:
meta:
name: enumerate gui resources
namespace: host-interaction/gui
authors:
- johnk3r
- anushka.virgaonkar@mandiant.com
scopes:
static: function
dynamic: call
att&ck:
- Discovery::Application Window Discovery [T1010]
examples:
- 5e6764534b3a1e4d3abacc4810b6985d:0x4011C0
- a74ee8200aace7d19dee79871bbf2ed3:0x403750
- 74fa32d2b277f583010b692a3f91b627:0x66BAEA67
- 021f49678cd633dc8cf99c61b3af3dda:0x40E44A
features:
- or:
- api: EnumResourceTypes
- api: EnumWindowStations
- api: EnumDesktops
- api: EnumWindows
- property/read: System.Windows.Forms.Screen::AllScreens
last edited: 2023-11-24 10:34:28