infosecn1nja
/
atomic-red-team
mirror of https://github.com/infosecn1nja/atomic-red-team.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
atomic-red-team/Windows/Defense_Evasion/Timestomp.md

386 B
Raw Permalink Blame History

Timestomp

MITRE ATT&CK Technique: T1099

Timestomp with PowerShell

Source: https://gist.github.com/obscuresec/7b0cf71d7a8dd5e7b54c

echo "Atomic Test File" > test.txt
PowerShell.exe -com {$file=(gi test.txt);$date='06/06/2006 12:12 pm';$file.LastWriteTime=$date;$file.LastAccessTime=$date;$file.CreationTime=$date}