mkdir.exe

• File Path: C:\Users\user\AppData\Local\GitHubDesktop\app-2.5.3\resources\app\git\usr\bin\mkdir.exe

Hashes

Type	Hash
MD5	68CD2C20261D78AEC592C52B58C22E3A
SHA1	85305A7D63EEE9C5FF8979E521824E1C77869345
SHA256	461E84EDC05FE55F0868B1D79A23F94C475F184457918DEE802791CBC92DE07D
SHA384	86E2685B5A615DE8B64FF1FFC0ABD9E781DBA9BC78B504967ACC01205DE06F9C7FB5B36197ADC820080F6B76C65395BD
SHA512	1381F2947EE045CED797A56CA539C985EF1271819A846FAC4DEFA796FCE8A04E9F0AF4D0EB0E0492D2EF94F38E881A6542CA1F9F8EA78A41E44C560938E1146B
SSDEEP	1536:JeC6sTms4zW2O37j97XE/JVzUTKwnEQiHIU2JbppKUmexFfXxkuyQxEWuF9YMUf:JeCDT5R2O37J7mjHIpbppKUmexFZkuy1

Runtime Data

Usage (stdout):

Usage: /usr/bin/mkdir [OPTION]... DIRECTORY...
Create the DIRECTORY(ies), if they do not already exist.

Mandatory arguments to long options are mandatory for short options too.
  -m, --mode=MODE   set file mode (as in chmod), not a=rwx - umask
  -p, --parents     no error if existing, make parent directories as needed
  -v, --verbose     print a message for each created directory
  -Z                   set SELinux security context of each created directory
                         to the default type
      --context[=CTX]  like -Z, or if CTX is specified then set the SELinux
                         or SMACK security context to CTX
      --help     display this help and exit
      --version  output version information and exit

GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Report any translation bugs to <https://translationproject.org/team/>
Full documentation <https://www.gnu.org/software/coreutils/mkdir>
or available locally via: info '(coreutils) mkdir invocation'

Usage (stderr):

mkdir: unknown option -- h
Try '/usr/bin/mkdir --help' for more information.

Signature

• Status: Signature verified.
• Serial: 045D8F14A82147641722D4FAFC66BC80
• Thumbprint: FB713A60A7FA79DFC03CB301CA05D4E8C1BDD431
• Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
• Subject: CN=”GitHub, Inc.”, O=”GitHub, Inc.”, L=San Francisco, S=California, C=US

File Metadata

• Original Filename:
• Product Name:
• Company Name:
• File Version:
• Product Version:
• Language:
• Legal Copyright:

Possible Misuse

The following table contains possible examples of mkdir.exe being misused. While mkdir.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
sigma	lnx_auditd_hidden_files_directories.yml	- mkdir	DRL 1.0
malware-ioc	win_apt_invisimole_wdigest_chain.yml	CommandLine\|contains: 'rundll32.exe Shell32.dll ShellExec_RunDLL cmd.exe /c mkdir SMRTNTKY\MessageB.txt'	© ESET 2014-2018
malware-ioc	windigo_signatures.pl	@sc = gc( 'mkdir -p %s', '-A 2' );	© ESET 2014-2018
malware-ioc	windigo_signatures.pl	@sc = gc( 'mkdir -p %s', '-B 1' );	© ESET 2014-2018
malware-ioc	windigo_signatures.pl	@sc = gc( 'mkdir -p %s', '-A 1' );	© ESET 2014-2018
malware-ioc	windigo_signatures.pl	@sd = gs( 'mkdir -p %s', '-C 1' );	© ESET 2014-2018
malware-ioc	windigo_signatures.pl	@sc = gs( 'mkdir -p %s', '-A 2' );	© ESET 2014-2018
malware-ioc	windigo_signatures.pl	qw{ mkdir var aeiouy bcdfghklmnprstvzx bcdfghklmnprstvz 000 aeiouybcdfg hklmnprstv aeiouybcdfghklmnprstvzx klmnprstvzx bcdfg rstvzx bcdfghklmn \000 };	© ESET 2014-2018
atomic-red-team	T1003.003.md	mkdir #{extract_path}	MIT License. © 2018 Red Canary
atomic-red-team	T1003.003.md	mkdir #{output_folder}	MIT License. © 2018 Red Canary
atomic-red-team	T1014.md	if [ ! -d #{temp_folder} ]; then mkdir #{temp_folder}; touch #{temp_folder}/safe_to_delete; fi;	MIT License. © 2018 Red Canary
atomic-red-team	T1030.md	if [ ! -d #{folder_path} ]; then mkdir -p #{folder_path}; touch #{folder_path}/safe_to_delete; fi; dd if=/dev/urandom of=#{folder_path}/#{file_name} bs=25000000 count=1	MIT License. © 2018 Red Canary
atomic-red-team	T1036.005.md	mkdir $HOME/…	MIT License. © 2018 Red Canary
atomic-red-team	T1036.006.md	mkdir -p /tmp/atomic-test-T1036.006	MIT License. © 2018 Red Canary
atomic-red-team	T1036.006.md	mkdir -p ‘testdirwithspaceend ‘	MIT License. © 2018 Red Canary
atomic-red-team	T1048.003.md	mkdir /tmp/victim-staging-area	MIT License. © 2018 Red Canary
atomic-red-team	T1070.004.md	mkdir #{folder_to_delete}	MIT License. © 2018 Red Canary
atomic-red-team	T1119.md	mkdir %temp%\T1119_command_prompt_collection >nul 2>&1	MIT License. © 2018 Red Canary
atomic-red-team	T1137.md	mkdir %APPDATA%\Microsoft\Outlook\ >nul 2>&1	MIT License. © 2018 Red Canary
atomic-red-team	T1222.001.md	mkdir #{file_folder_to_own}	MIT License. © 2018 Red Canary
atomic-red-team	T1222.001.md	mkdir #{file_or_folder}	MIT License. © 2018 Red Canary
atomic-red-team	T1222.001.md	mkdir #{file_or_folder} >nul 2>&1	MIT License. © 2018 Red Canary
atomic-red-team	T1543.001.md	if [ ! -d ~/Library/LaunchAgents ]; then mkdir ~/Library/LaunchAgents; fi;	MIT License. © 2018 Red Canary
atomic-red-team	T1547.006.md	if [ ! -d #{temp_folder} ]; then mkdir #{temp_folder}; touch #{temp_folder}/safe_to_delete; fi;	MIT License. © 2018 Red Canary
atomic-red-team	T1548.002.md	mkdir “\?\C:\Windows \System32"	MIT License. © 2018 Red Canary
atomic-red-team	T1552.004.md	mkdir #{output_folder}	MIT License. © 2018 Red Canary
atomic-red-team	T1560.001.md	mkdir .\tmp\victim-files	MIT License. © 2018 Red Canary
atomic-red-team	T1560.001.md	mkdir $PathToAtomicsFolder\T1560.001\victim-files	MIT License. © 2018 Red Canary
atomic-red-team	T1560.001.md	mkdir -p #{test_folder}	MIT License. © 2018 Red Canary
atomic-red-team	T1564.001.md	mkdir /var/tmp/.hidden-directory	MIT License. © 2018 Red Canary
signature-base	apt_fancybear_osxagent.yar	$s2 = “mkdir -p /Users/Shared/.local/ &> /dev/null” fullword ascii	CC BY-NC 4.0
signature-base	apt_fvey_shadowbroker_dec16.yar	$s4 = “mkdir TEMP_DIR; cd TEMP_DIR; cat < /dev/tcp/REDIR_IP/RED” ascii	CC BY-NC 4.0
signature-base	apt_fvey_shadowbroker_dec16.yar	$s1 = “/sbin/sh -c (mkdir /tmp/.X11R6; cd /tmp/.X11R6 && telnet” ascii	CC BY-NC 4.0
signature-base	apt_shamoon2.yar	$s1 = “mkdir %s%s > nul 2>&1” fullword ascii	CC BY-NC 4.0
signature-base	thor-webshells.yar	$s0 = “{mkdir("$dizin/$duzenx2",777)”	CC BY-NC 4.0
signature-base	thor-webshells.yar	$s11 = “<form action=<?=$script?>?act=mkdir method=POST>” fullword	CC BY-NC 4.0
signature-base	thor-webshells.yar	$s9 = “if (mkdir($_POST[‘dir’], 0777) == false) {“ fullword	CC BY-NC 4.0
stockpile	6469befa-748a-4b9c-a96d-f191fde47d89.yml	mkdir -p staged && echo $PWD/staged	Apache-2.0

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.

---

mkdir

Creates a directory or subdirectory. Command extensions, which are enabled by default, allow you to use a single mkdir command to create intermediate directories in a specified path.

[!NOTE] This command is the same as the md command.

Syntax

mkdir [<drive>:]<path>

Parameters

Parameter	Description
<drive>:	Specifies the drive on which you want to create the new directory.
<path>	Specifies the name and location of the new directory. The maximum length of any single path is determined by the file system. This is a required parameter.
/?	Displays help at the command prompt.

Examples

To create a directory named Directory1 within the current directory, type:

mkdir Directory1

To create the directory tree Taxes\Property\Current within the root directory, with command extensions enabled, type:

mkdir \Taxes\Property\Current

To create the directory tree Taxes\Property\Current within the root directory as in the previous example, but with command extensions disabled, type the following sequence of commands:

mkdir \Taxes
mkdir \Taxes\Property
mkdir \Taxes\Property\Current

Additional References

• Command-Line Syntax Key

• md command

---

MIT License. Copyright (c) 2020-2021 Strontic.