Skip to content

Hide Navigation Hide TOC

Chmod Targeting Sensitive Directories (6419afd1-3742-47a5-a7e6-b50386cd15f8)

Detects chmod targeting files in sensitive directory paths on Linux systems. Attackers may use chmod to change permissions of files in these directories to maintain persistence, escalate privileges, or disrupt system operations.

Cluster A Galaxy A Cluster B Galaxy B Level
Linux and Mac Permissions - T1222.002 (09b130a2-a77e-4af0-a361-f46f9aad1345) Attack Pattern Chmod Targeting Sensitive Directories (6419afd1-3742-47a5-a7e6-b50386cd15f8) Sigma-Rules 1
Linux and Mac Permissions - T1222.002 (09b130a2-a77e-4af0-a361-f46f9aad1345) Attack Pattern File and Directory Permissions Modification - T1222 (65917ae0-b854-4139-83fe-bf2441cf0196) Attack Pattern 2