attack.t1036.007 | Detection.FYI

Suspicious Double Extension Files
May 15, 2023 · attack.defense_evasion attack.t1036.007 ·
Share on:
Detects dropped files with double extensions, which is often used by malware as a method to abuse the fact that windows hide default extensions by default.

Read More
Suspicious LNK Double Extension File
May 15, 2023 · attack.defense_evasion attack.t1036.007 ·
Share on:
Detects the creation of files with an "LNK" as a second extension. This is sometimes used by malware as a method to abuse the fact that Windows hides the "LNK" extension by default.

Read More
Suspicious Parent Double Extension File Execution
Feb 28, 2023 · attack.defense_evasion attack.t1036.007 ·
Share on:
Detect execution of suspicious double extension files in ParentCommandLine

Read More