Skip to content

Hide Navigation Hide TOC

Forfiles - S0193 (90ec2b22-7061-4469-b539-0989ec4f96c2)

Forfiles is a Windows utility commonly used in batch jobs to execute commands on one or more selected files or directories (ex: list all directories in a drive, read the first line of all files created yesterday, etc.). Forfiles can be executed from either the command line, Run window, or batch files/scripts. (Citation: Microsoft Forfiles Aug 2016)

Cluster A Galaxy A Cluster B Galaxy B Level
Data from Local System - T1005 (3c4a2599-71ee-4405-ba1e-0e28414b4bc5) Attack Pattern Forfiles - S0193 (90ec2b22-7061-4469-b539-0989ec4f96c2) mitre-tool 1
Forfiles - S0193 (90ec2b22-7061-4469-b539-0989ec4f96c2) mitre-tool Indirect Command Execution - T1202 (3b0e52ce-517a-4614-a523-1bd5deef6c5e) Attack Pattern 1
Forfiles - S0193 (90ec2b22-7061-4469-b539-0989ec4f96c2) mitre-tool File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) Attack Pattern 1