Reverse Engineering PsExec for fun and knowledge – CYBER GEEKS
Tags
country: United States Of America
attack-pattern: Data Indirect Credentials - T1589.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 New Service - T1050
Show in Graph
Common Information
Type Value
UUID de4273da-55f3-4cb2-b8a4-370cd0c1039d
Fingerprint af000d13692982a9
Analysis status DONE
Considered CTI value 0
Text language
Published April 27, 2022, midnight
Added to db June 5, 2023, 10:34 a.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline Reverse Engineering PsExec for fun and knowledge
Title Reverse Engineering PsExec for fun and knowledge – CYBER GEEKS
Detected Hints/Tags/Attributes 52/2/15
Source URLs
Redirection Url
Details Source https://cybergeeks.tech/reverse-engineering-psexec-for-fun-and-knowledge/
URL Provider
Details Provider Source level domain
Details cybergeeks.tech cybergeeks.tech
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 91 CYBER GEEKS https://cybergeeks.tech/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1373 
twitter.com
Details Domain 281 
docs.microsoft.com
Details File 122 
psexec.exe
Details File 2126 
cmd.exe
Details File 3 
riched32.dll
Details File 31 
psexesvc.exe
Details File 25 
win.exe
Details File 3 
c:\windows\psexesvc.exe
Details sha256 2 
3b08535b4add194f5661e1131c8e81af373ca322cf669674cf1272095e5cab95
Details sha256 1 
6a6a9aa6ed43eb3f857392459c7b05a5a0df89e00a3214d333949a561bcff368
Details IPv4 1 
192.168.164.130
Details Url 1 
https://twitter.com/debugprivilege/status/1512851119688531976.
Details Url 1 
https://docs.microsoft.com/en-us/sysinternals/license-terms.
Details Url 9 
https://docs.microsoft.com/en-us/windows/win32/api
Details Url 1 
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec