open-menu
closeme
Suspicious DNS Query for IP Lookup Service APIs
calendar
Dec 1, 2023
·
attack.reconnaissance
attack.t1590
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for Anonfiles.com Domain - Sysmon
calendar
Dec 1, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query To Devtunnels Domain
calendar
Nov 20, 2023
·
attack.command_and_control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
DNS Query To Visual Studio Code Tunnels Domain
calendar
Nov 20, 2023
·
attack.command_and_control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
AppX Package Installation Attempts Via AppInstaller.EXE
calendar
Nov 14, 2023
·
attack.command_and_control
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
DNS Query To Remote Access Software Domain From Non-Browser App
calendar
Oct 18, 2023
·
attack.command_and_control
attack.t1219
·
Share on:
twitter
facebook
linkedin
copy
DNS Query Request By Regsvr32.EXE
calendar
Oct 4, 2023
·
attack.execution
attack.t1559.001
attack.defense_evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
DNS Query To MEGA Hosting Website
calendar
Oct 4, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query To Ufile.io
calendar
Oct 4, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query Tor .Onion Address - Sysmon
calendar
Oct 4, 2023
·
attack.command_and_control
attack.t1090.003
·
Share on:
twitter
facebook
linkedin
copy
DNS Server Discovery Via LDAP Query
calendar
Oct 4, 2023
·
attack.discovery
attack.t1482
·
Share on:
twitter
facebook
linkedin
copy
TeamViewer Domain Query By Non-TeamViewer Application
calendar
Oct 4, 2023
·
attack.command_and_control
attack.t1219
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Cobalt Strike DNS Beaconing - Sysmon
calendar
Feb 1, 2023
·
attack.command_and_control
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
DNS HybridConnectionManager Service Bus
calendar
Jan 17, 2023
·
attack.persistence
attack.t1554
·
Share on:
twitter
facebook
linkedin
copy
to-top