ioc[.]one - OSINT Cyber Threat Intelligence Database

Timeline Analysis, and Program Execution

Tags

attack-pattern:

Data Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	dd1597dd-a84a-4c7f-8851-32e6624a5082
Fingerprint	705c496765a30581
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 14, 2012, 2:51 p.m.
Added to db	Jan. 19, 2023, 12:07 a.m.
Last updated	Nov. 8, 2024, 12:45 a.m.
Headline	Windows Incident Response
Title	Timeline Analysis, and Program Execution
Detected Hints/Tags/Attributes	31/1/17

Source URLs

	Redirection	Url
Details	Source	http://windowsir.blogspot.com/2012/06/timeline-analysis-and-program-execution.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	windowsir.blogspot.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		autoruns.exe-1cf578dd.pf
Details	Domain	1		autorunsc.exe-c5802224.pf
Details	Domain	3		autoruns.zip
Details	File	1		events.txt
Details	File	1		autoruns_events.txt
Details	File	1		autoruns_tln.txt
Details	File	30		autoruns.exe
Details	File	15		autorunsc.exe
Details	File	1		c:\tools\autoruns.exe
Details	File	1		c:\users\john\downloads\autoruns.zip
Details	File	1		c:\tools\autorunsc.exe
Details	File	3		autoruns.chm
Details	File	2		autoruns.zip
Details	File	4		fls.exe
Details	File	1		c:\users\ birth_obj_id_node 08:00:27:dd:64:d1 birth_obj_id_seq 9270 birth_obj_id_time tue may 15 21:09:27 2012 birth_vol_id 2c645c57d81c5047b7dde13c2834aad2 commonpathsuffix john\downloads\autoruns.zip
Details	File	193		ntuser.dat
Details	md5	1		2C645C57D81C5047B7DDE13C2834AAD2