Red Teaming 101: Bypass Mark of the Web (MotW) on Windows (Part 2)
Tags
| attack-pattern: | Data Powershell - T1059.001 Software - T1592.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 58ff0096-3c27-4d03-b48d-c638b26cb01a |
| Fingerprint | 1487bb72e1861b2d |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Oct. 7, 2024, 12:25 a.m. |
| Added to db | Oct. 7, 2024, 3:01 a.m. |
| Last updated | Nov. 17, 2024, 5:50 p.m. |
| Headline | Red Teaming 101: Bypass Mark of the Web (MotW) on Windows (Part 2) |
| Title | Red Teaming 101: Bypass Mark of the Web (MotW) on Windows (Part 2) |
| Detected Hints/Tags/Attributes | 27/1/7 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 168 | ✔ | Infosec on Medium | https://medium.com/feed/tag/infosec | 2024-08-30 22:08 |
| Details | 171 | ✔ | Malware on Medium | https://medium.com/feed/tag/malware | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 14 | files.zip |
|
| Details | Domain | 4 | textslashplain.com |
|
| Details | Domain | 1 | nolongerset.com |
|
| Details | File | 15 | files.zip |
|
| Details | File | 33 | shell.exe |
|
| Details | File | 3 | image.gif |
|
| Details | Url | 1 | https://textslashplain.com/2016/04/04/downloads-and-the-mark-of-the-web/?ref=nolongerset.com |