From 59a458660250405215c87929c00d06429d394928 Mon Sep 17 00:00:00 2001 From: Phill Moore Date: Sat, 17 Aug 2024 23:06:05 +1000 Subject: [PATCH 1/4] Add itarian --- Targets/Apps/ITarian.yml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 Targets/Apps/ITarian.yml diff --git a/Targets/Apps/ITarian.yml b/Targets/Apps/ITarian.yml new file mode 100644 index 000000000..66bd003a3 --- /dev/null +++ b/Targets/Apps/ITarian.yml @@ -0,0 +1,30 @@ +Description: ITarian RMM +Author: Phill Moore +Version: 1.0 +Id: aa387dbf-3326-a9c7-4d61-7d62197341a3 +RecreateDirectories: true +Targets: + - + Name: ITarian + Category: Apps + Path: C:\Program Files\ITarian\Endpoint Manager\rmmlogs + Comment: "" + - + Name: ITarian + Category: Apps + Path: C:\Program Files (x86)\ITarian\Endpoint Manager\rmmlogs + Comment: "" + - + Name: Comodo + Category: Apps + Path: C:\Program Files\Comodo\Endpoint Manager\rmmlogs + Comment: "" + - + Name: ITarian + Category: Apps + Path: C:\Program Files (x86)\Comodo\Endpoint Manager\rmmlogs + Comment: "" + + +# Documentation +# https://russianpanda.com/The-Abuse-of-ITarian-RMM-by-Dolphin-Loader \ No newline at end of file From b14d3a1926ad929d6a478d8e2022672f8823e5bc Mon Sep 17 00:00:00 2001 From: Phill Moore Date: Sat, 17 Aug 2024 23:07:13 +1000 Subject: [PATCH 2/4] Update RemoteAdmin.tkape --- Targets/Compound/RemoteAdmin.tkape | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Targets/Compound/RemoteAdmin.tkape b/Targets/Compound/RemoteAdmin.tkape index 244cea2e5..1dc0e44b1 100644 --- a/Targets/Compound/RemoteAdmin.tkape +++ b/Targets/Compound/RemoteAdmin.tkape @@ -1,6 +1,6 @@ Description: Composite target for files related to remote administration tools -Author: Drew Ervin, Mathias Frank, Andrew Rathbun -Version: 1.9 +Author: Drew Ervin, Mathias Frank, Andrew Rathbun, Phill Moore +Version: 2.0 Id: 31cf5a4e-c44c-4457-b11f-74dca73e141b RecreateDirectories: true Targets: @@ -28,6 +28,10 @@ Targets: Name: ISLOnline Category: ApplicationLogs Path: ISLOnline.tkape + - + Name: ITarian + Category: ApplicationLogs + Path: ITarian.tkape - Name: Kaseya Category: ApplicationLogs From 4c7179aff959acd050b8df8c0467a36aede58b8d Mon Sep 17 00:00:00 2001 From: Andrew Rathbun <36825567+AndrewRathbun@users.noreply.github.com> Date: Sat, 17 Aug 2024 11:17:53 -0400 Subject: [PATCH 3/4] Update ITarian.yml linter fixes --- Targets/Apps/ITarian.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Targets/Apps/ITarian.yml b/Targets/Apps/ITarian.yml index 66bd003a3..c2ed4aedd 100644 --- a/Targets/Apps/ITarian.yml +++ b/Targets/Apps/ITarian.yml @@ -25,6 +25,5 @@ Targets: Path: C:\Program Files (x86)\Comodo\Endpoint Manager\rmmlogs Comment: "" - # Documentation -# https://russianpanda.com/The-Abuse-of-ITarian-RMM-by-Dolphin-Loader \ No newline at end of file +# https://russianpanda.com/The-Abuse-of-ITarian-RMM-by-Dolphin-Loader From aadacc78dd26924bc432cdd592d5f956f355a894 Mon Sep 17 00:00:00 2001 From: Andrew Rathbun <36825567+AndrewRathbun@users.noreply.github.com> Date: Sat, 17 Aug 2024 11:18:22 -0400 Subject: [PATCH 4/4] Rename ITarian.yml to ITarian.tkape --- Targets/Apps/{ITarian.yml => ITarian.tkape} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Targets/Apps/{ITarian.yml => ITarian.tkape} (100%) diff --git a/Targets/Apps/ITarian.yml b/Targets/Apps/ITarian.tkape similarity index 100% rename from Targets/Apps/ITarian.yml rename to Targets/Apps/ITarian.tkape