Skip to content

Hide Navigation Hide TOC

File Creation Date Changed to Another Year (558eebe5-f2ba-4104-b339-36f7902bcc1a)

Attackers may change the file creation time of a backdoor to make it look like it was installed with the operating system. Note that many processes legitimately change the creation time of a file; it does not necessarily indicate malicious activity.

Cluster A Galaxy A Cluster B Galaxy B Level
Timestomp - T1070.006 (47f2d673-ca62-47e9-929b-1b0be9657611) Attack Pattern File Creation Date Changed to Another Year (558eebe5-f2ba-4104-b339-36f7902bcc1a) Sigma-Rules 1
Timestomp - T1070.006 (47f2d673-ca62-47e9-929b-1b0be9657611) Attack Pattern Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 2