System Time Discovery (T1124)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • System Time Discovery

Associated Tactics

  • Discovery

Discovery (TA0007)

The adversary is trying to figure out your environment. Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what’s around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.

View on ATT&CK

Procedure Examples

Description Source(s)
Apple Support. (n.d.). About systemsetup in Remote Desktop. Retrieved March 27, 2024. systemsetup mac time
ArchLinux. (2024, February 1). System Time. Retrieved March 27, 2024. linux system time
Check Point Research. (2024, March 8). MAGNET GOBLIN TARGETS PUBLICLY FACING SERVERS USING 1-DAY VULNERABILITIES. Retrieved March 27, 2024. MAGNET GOBLIN
Cisco. (2023, March 6). show clock detail - Cisco IOS Security Command Reference: Commands S to Z . Retrieved July 13, 2022. show_clock_detail_cisco_cmd
Cone, Matt. (2021, January 14). Synchronize your Mac's Clock with a Time Server. Retrieved March 27, 2024. Mac Time Sync
M.Léveillé, M., Cherepanov, A.. (2022, January 25). Watering hole deploys new macOS malware, DazzleSpy, in Asia. Retrieved May 6, 2022. ESET DazzleSpy Jan 2022
Malicious History. (2020, September 17). Time Bombs: Malware With Delayed Execution. Retrieved April 22, 2021. AnyRun TimeBomb
Mathers, B. (2016, September 30). Windows Time Service Tools and Settings. Retrieved November 25, 2016. Technet Windows Time Service
Microsoft. (n.d.). System Time. Retrieved November 25, 2016. MSDN System Time
Rivner, U., Schwartz, E. (2012). They’re Inside… Now What?. Retrieved November 25, 2016. RSA EU12 They're Inside
YUCEEL, Huseyin Can. Picus Labs. (2022, June 9). The System Information Discovery Technique Explained - MITRE ATT&CK T1082. Retrieved March 27, 2024. System Information Discovery Technique
YUCEEL, Huseyin Can. Picus Labs. (2022, June 9). Virtualization/Sandbox Evasion - How Attackers Avoid Malware Analysis. Retrieved December 26, 2023. Virtualization/Sandbox Evasion