Windows Shell Items Analysis
Tags
| attack-pattern: | Data Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 347937ed-1299-46f9-a839-45163b67623a |
| Fingerprint | 150e1a6a25e72694 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 29, 2024, 9:20 p.m. |
| Added to db | Sept. 30, 2024, 12:02 a.m. |
| Last updated | Nov. 8, 2024, 12:45 a.m. |
| Headline | Windows Shell Items Analysis |
| Title | Windows Shell Items Analysis |
| Detected Hints/Tags/Attributes | 16/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://malware.news/t/windows-shell-items-analysis/86879 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 158 | ✔ | Malware Analysis, News and Indicators - Latest topics | https://malware.news/latest.rss | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 28 | usrclass.dat |
|
| Details | File | 193 | ntuser.dat |
|
| Details | File | 1 | sbecmd.exe |
|
| Details | File | 1 | e:\users\username\appdata\local\microsoft\windows\usrclass.dat |
|
| Details | File | 1 | c:\report\ sbecmd.exe |
|
| Details | File | 1 | e:\users\username\ntuser.dat |
|
| Details | File | 10 | lecmd.exe |
|
| Details | File | 1 | c:\users\username\desktop\lnks --csv c:\users\username\desktop\report.csv |
|
| Details | Windows Registry Key | 4 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs |
|
| Details | Windows Registry Key | 2 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU |