Toolsmith In-depth Analysis: ProcFilter - YARA-integrated Windows process denial framework
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Software - T1592.002 Windows Service - T1543.003 Tool - T1588.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID c23c9c7d-0fbf-4ae8-bc46-39a7b3b28abd
Fingerprint 3f3cfb1b0a24b792
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 9, 2016, 1:09 a.m.
Added to db Jan. 18, 2023, 9:47 p.m.
Last updated Nov. 5, 2024, 12:55 p.m.
Headline UNKNOWN
Title Toolsmith In-depth Analysis: ProcFilter - YARA-integrated Windows process denial framework
Detected Hints/Tags/Attributes 29/1/4
Source URLs
Redirection Url
Details Source https://holisticinfosec.blogspot.com/2016/08/toolsmith-in-depth-analysis-procfilter.html
URL Provider
Details Provider Source level domain
Details blogspot.com holisticinfosec.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 20 
is.gd
Details File 27 
invoke-mimikatz.ps1
Details File 1 
procfilter.ini
Details Url 5 
http://is.gd/oeofui