From e3f8ebd276cd8fdf560116094d95da81c7f6b3b6 Mon Sep 17 00:00:00 2001
From: Patrick Bareiss <pbareiss@splunk.com>
Date: Fri, 9 Aug 2024 09:23:26 +0200
Subject: [PATCH] New Dataset

---
 .../attack_techniques/T1219/teamviewer/teamviewer.yml | 11 +++++++++++
 .../T1219/teamviewer/windows_security.log             |  3 +++
 2 files changed, 14 insertions(+)
 create mode 100644 datasets/attack_techniques/T1219/teamviewer/teamviewer.yml
 create mode 100644 datasets/attack_techniques/T1219/teamviewer/windows_security.log

diff --git a/datasets/attack_techniques/T1219/teamviewer/teamviewer.yml b/datasets/attack_techniques/T1219/teamviewer/teamviewer.yml
new file mode 100644
index 00000000..ce18ce5a
--- /dev/null
+++ b/datasets/attack_techniques/T1219/teamviewer/teamviewer.yml
@@ -0,0 +1,11 @@
+author: Patrick Bareiss
+id: 67cf6919-0596-4f78-bb2f-ad7f43170d3c
+date: '2024-08-09'
+description: 'Basic usage of teamviewer.'
+environment: attack_range
+dataset:
+- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1219/teamviewer/windows_security.log
+sourcetypes:
+- XmlWinEventLog
+references:
+- https://attack.mitre.org/techniques/T1219/
diff --git a/datasets/attack_techniques/T1219/teamviewer/windows_security.log b/datasets/attack_techniques/T1219/teamviewer/windows_security.log
new file mode 100644
index 00000000..fb5f0fde
--- /dev/null
+++ b/datasets/attack_techniques/T1219/teamviewer/windows_security.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eb39a46869b7a410857f4e4ac39c5ecaa89e82b8954ac8e3762ac21711a3a342
+size 1390