mkdir.exe

  • File Path: C:\Users\user\AppData\Local\GitHubDesktop\app-2.5.3\resources\app\git\usr\bin\mkdir.exe

Hashes

Type Hash
MD5 68CD2C20261D78AEC592C52B58C22E3A
SHA1 85305A7D63EEE9C5FF8979E521824E1C77869345
SHA256 461E84EDC05FE55F0868B1D79A23F94C475F184457918DEE802791CBC92DE07D
SHA384 86E2685B5A615DE8B64FF1FFC0ABD9E781DBA9BC78B504967ACC01205DE06F9C7FB5B36197ADC820080F6B76C65395BD
SHA512 1381F2947EE045CED797A56CA539C985EF1271819A846FAC4DEFA796FCE8A04E9F0AF4D0EB0E0492D2EF94F38E881A6542CA1F9F8EA78A41E44C560938E1146B
SSDEEP 1536:JeC6sTms4zW2O37j97XE/JVzUTKwnEQiHIU2JbppKUmexFfXxkuyQxEWuF9YMUf:JeCDT5R2O37J7mjHIpbppKUmexFZkuy1

Runtime Data

Usage (stdout):

Usage: /usr/bin/mkdir [OPTION]... DIRECTORY...
Create the DIRECTORY(ies), if they do not already exist.

Mandatory arguments to long options are mandatory for short options too.
  -m, --mode=MODE   set file mode (as in chmod), not a=rwx - umask
  -p, --parents     no error if existing, make parent directories as needed
  -v, --verbose     print a message for each created directory
  -Z                   set SELinux security context of each created directory
                         to the default type
      --context[=CTX]  like -Z, or if CTX is specified then set the SELinux
                         or SMACK security context to CTX
      --help     display this help and exit
      --version  output version information and exit

GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Report any translation bugs to <https://translationproject.org/team/>
Full documentation <https://www.gnu.org/software/coreutils/mkdir>
or available locally via: info '(coreutils) mkdir invocation'

Usage (stderr):

mkdir: unknown option -- h
Try '/usr/bin/mkdir --help' for more information.

Signature

  • Status: Signature verified.
  • Serial: 045D8F14A82147641722D4FAFC66BC80
  • Thumbprint: FB713A60A7FA79DFC03CB301CA05D4E8C1BDD431
  • Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN=”GitHub, Inc.”, O=”GitHub, Inc.”, L=San Francisco, S=California, C=US

File Metadata

  • Original Filename:
  • Product Name:
  • Company Name:
  • File Version:
  • Product Version:
  • Language:
  • Legal Copyright:

Possible Misuse

The following table contains possible examples of mkdir.exe being misused. While mkdir.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma lnx_auditd_hidden_files_directories.yml - mkdir DRL 1.0
malware-ioc win_apt_invisimole_wdigest_chain.yml CommandLine\|contains: 'rundll32.exe Shell32.dll ShellExec_RunDLL cmd.exe /c mkdir SMRTNTKY\MessageB.txt' © ESET 2014-2018
malware-ioc windigo_signatures.pl @sc = gc( 'mkdir -p %s', '-A 2' ); © ESET 2014-2018
malware-ioc windigo_signatures.pl @sc = gc( 'mkdir -p %s', '-B 1' ); © ESET 2014-2018
malware-ioc windigo_signatures.pl @sc = gc( 'mkdir -p %s', '-A 1' ); © ESET 2014-2018
malware-ioc windigo_signatures.pl @sd = gs( 'mkdir -p %s', '-C 1' ); © ESET 2014-2018
malware-ioc windigo_signatures.pl @sc = gs( 'mkdir -p %s', '-A 2' ); © ESET 2014-2018
malware-ioc windigo_signatures.pl qw{ mkdir var aeiouy bcdfghklmnprstvzx bcdfghklmnprstvz 000 aeiouybcdfg hklmnprstv aeiouybcdfghklmnprstvzx klmnprstvzx bcdfg rstvzx bcdfghklmn \000 }; © ESET 2014-2018
atomic-red-team T1003.003.md mkdir #{extract_path} MIT License. © 2018 Red Canary
atomic-red-team T1003.003.md mkdir #{output_folder} MIT License. © 2018 Red Canary
atomic-red-team T1014.md if [ ! -d #{temp_folder} ]; then mkdir #{temp_folder}; touch #{temp_folder}/safe_to_delete; fi; MIT License. © 2018 Red Canary
atomic-red-team T1030.md if [ ! -d #{folder_path} ]; then mkdir -p #{folder_path}; touch #{folder_path}/safe_to_delete; fi; dd if=/dev/urandom of=#{folder_path}/#{file_name} bs=25000000 count=1 MIT License. © 2018 Red Canary
atomic-red-team T1036.005.md mkdir $HOME/… MIT License. © 2018 Red Canary
atomic-red-team T1036.006.md mkdir -p /tmp/atomic-test-T1036.006 MIT License. © 2018 Red Canary
atomic-red-team T1036.006.md mkdir -p ‘testdirwithspaceend ‘ MIT License. © 2018 Red Canary
atomic-red-team T1048.003.md mkdir /tmp/victim-staging-area MIT License. © 2018 Red Canary
atomic-red-team T1070.004.md mkdir #{folder_to_delete} MIT License. © 2018 Red Canary
atomic-red-team T1119.md mkdir %temp%\T1119_command_prompt_collection >nul 2>&1 MIT License. © 2018 Red Canary
atomic-red-team T1137.md mkdir %APPDATA%\Microsoft\Outlook\ >nul 2>&1 MIT License. © 2018 Red Canary
atomic-red-team T1222.001.md mkdir #{file_folder_to_own} MIT License. © 2018 Red Canary
atomic-red-team T1222.001.md mkdir #{file_or_folder} MIT License. © 2018 Red Canary
atomic-red-team T1222.001.md mkdir #{file_or_folder} >nul 2>&1 MIT License. © 2018 Red Canary
atomic-red-team T1543.001.md if [ ! -d ~/Library/LaunchAgents ]; then mkdir ~/Library/LaunchAgents; fi; MIT License. © 2018 Red Canary
atomic-red-team T1547.006.md if [ ! -d #{temp_folder} ]; then mkdir #{temp_folder}; touch #{temp_folder}/safe_to_delete; fi; MIT License. © 2018 Red Canary
atomic-red-team T1548.002.md mkdir “\?\C:\Windows \System32" MIT License. © 2018 Red Canary
atomic-red-team T1552.004.md mkdir #{output_folder} MIT License. © 2018 Red Canary
atomic-red-team T1560.001.md mkdir .\tmp\victim-files MIT License. © 2018 Red Canary
atomic-red-team T1560.001.md mkdir $PathToAtomicsFolder\T1560.001\victim-files MIT License. © 2018 Red Canary
atomic-red-team T1560.001.md mkdir -p #{test_folder} MIT License. © 2018 Red Canary
atomic-red-team T1564.001.md mkdir /var/tmp/.hidden-directory MIT License. © 2018 Red Canary
signature-base apt_fancybear_osxagent.yar $s2 = “mkdir -p /Users/Shared/.local/ &> /dev/null” fullword ascii CC BY-NC 4.0
signature-base apt_fvey_shadowbroker_dec16.yar $s4 = “mkdir TEMP_DIR; cd TEMP_DIR; cat < /dev/tcp/REDIR_IP/RED” ascii CC BY-NC 4.0
signature-base apt_fvey_shadowbroker_dec16.yar $s1 = “/sbin/sh -c (mkdir /tmp/.X11R6; cd /tmp/.X11R6 && telnet” ascii CC BY-NC 4.0
signature-base apt_shamoon2.yar $s1 = “mkdir %s%s > nul 2>&1” fullword ascii CC BY-NC 4.0
signature-base thor-webshells.yar $s0 = “{mkdir("$dizin/$duzenx2",777)” CC BY-NC 4.0
signature-base thor-webshells.yar $s11 = “<form action=<?=$script?>?act=mkdir method=POST>” fullword CC BY-NC 4.0
signature-base thor-webshells.yar $s9 = “if (mkdir($_POST[‘dir’], 0777) == false) {“ fullword CC BY-NC 4.0
stockpile 6469befa-748a-4b9c-a96d-f191fde47d89.yml mkdir -p staged && echo $PWD/staged Apache-2.0

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.


mkdir

Creates a directory or subdirectory. Command extensions, which are enabled by default, allow you to use a single mkdir command to create intermediate directories in a specified path.

[!NOTE] This command is the same as the md command.

Syntax

mkdir [<drive>:]<path>

Parameters

Parameter Description
<drive>: Specifies the drive on which you want to create the new directory.
<path> Specifies the name and location of the new directory. The maximum length of any single path is determined by the file system. This is a required parameter.
/? Displays help at the command prompt.

Examples

To create a directory named Directory1 within the current directory, type:

mkdir Directory1

To create the directory tree Taxes\Property\Current within the root directory, with command extensions enabled, type:

mkdir \Taxes\Property\Current

To create the directory tree Taxes\Property\Current within the root directory as in the previous example, but with command extensions disabled, type the following sequence of commands:

mkdir \Taxes
mkdir \Taxes\Property
mkdir \Taxes\Property\Current

Additional References


MIT License. Copyright (c) 2020-2021 Strontic.