attack.t1070.006

File Time Attribute Change

Apr 28, 2026 · attack.stealth attack.t1070.006 ·

Share on:

Detect file time attribute change to hide new or changes to existing files

File Time Attribute Change - Linux

Apr 28, 2026 · attack.stealth attack.t1070.006 ·

Share on:

Detect file time attribute change to hide new or changes to existing files.

Powershell Timestomp

Apr 28, 2026 · attack.stealth attack.t1070.006 ·

Share on:

Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder.

Touch Suspicious Service File

Apr 28, 2026 · attack.stealth attack.t1070.006 ·

Share on:

Detects usage of the "touch" process in service file.

Unauthorized System Time Modification

Apr 28, 2026 · attack.stealth attack.t1070.006 ·

Share on:

Detect scenarios where a potentially unauthorized application or user is modifying the system time.