File system ops, effects on MFT records
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 0fd8aad2-d48c-4474-8c41-d979f97007c3 |
| Fingerprint | f41c4b65a98885b7 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 22, 2014, 4:48 p.m. |
| Added to db | Jan. 19, 2023, 12:07 a.m. |
| Last updated | Nov. 8, 2024, 11:37 a.m. |
| Headline | Windows Incident Response |
| Title | File system ops, effects on MFT records |
| Detected Hints/Tags/Attributes | 27/2/20 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | usnj.pl |
|
| Details | Domain | 1 | parse.pl |
|
| Details | Domain | 1 | consent.exe-531bd9ea.pf |
|
| Details | File | 1 | usnj.pl |
|
| Details | File | 1 | parse.pl |
|
| Details | File | 9 | eula.txt |
|
| Details | File | 1 | eula30.txt |
|
| Details | File | 2 | eula_30.txt |
|
| Details | File | 1 | procmon.chm |
|
| Details | File | 16 | ads.txt |
|
| Details | File | 1 | tunnel.bat |
|
| Details | File | 74 | procmon.exe |
|
| Details | File | 1 | c:\windows\logs\ie9_nr_setup.log |
|
| Details | File | 1 | c:\users\ie9_nr_setup.log |
|
| Details | File | 1 | ie9_nr_setup.log |
|
| Details | File | 12 | 1.log |
|
| Details | File | 14 | consent.exe |
|
| Details | File | 1 | c:\windows\logs\ie10_nr_setup.log |
|
| Details | File | 1 | c:\temp\ie10_nr_setup.log |
|
| Details | File | 1 | ie10_nr_setup.log |