HackTool - DInjector PowerShell Cradle Execution
Sep 13, 2024 · attack.defense-evasion attack.t1055
HackTool - CoercedPotato Named Pipe Creation
Sep 2, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
Injected Browser Process Spawning Rundll32 - GuLoader Activity
Sep 2, 2024 · attack.defense-evasion attack.t1055 detection.emerging-threats
Potential DLL Sideloading Using Coregen.exe
Aug 29, 2024 · attack.defense-evasion attack.t1218 attack.t1055
Suspicious Child Process Of Wermgr.EXE
Aug 29, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055 attack.t1036
Antivirus PrinterNightmare CVE-2021-34527 Exploit Detection
Aug 12, 2024 · attack.privilege-escalation attack.t1055
APT PRIVATELOG Image Load Pattern
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055 detection.emerging-threats
CobaltStrike Named Pipe
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
CobaltStrike Named Pipe Pattern Regex
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
CobaltStrike Named Pipe Patterns
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055 stp.1k
Created Files by Microsoft Sync Center
Aug 12, 2024 · attack.t1055 attack.t1218 attack.execution attack.defense-evasion
Dllhost.EXE Execution Anomaly
Aug 12, 2024 · attack.defense-evasion attack.t1055
DotNet CLR DLL Loaded By Scripting Applications
Aug 12, 2024 · attack.execution attack.privilege-escalation attack.t1055
HackTool - CoercedPotato Execution
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
HackTool - EfsPotato Named Pipe Creation
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
Malicious Named Pipe Created
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
Malware Shellcode in Verclsid Target Process
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055 detection.emerging-threats
Microsoft Sync Center Suspicious Network Connections
Aug 12, 2024 · attack.t1055 attack.t1218 attack.execution attack.defense-evasion
Network Connection Initiated Via Notepad.EXE
Aug 12, 2024 · attack.command-and-control attack.execution attack.defense-evasion attack.t1055
Potential Dridex Activity
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055 attack.discovery attack.t1135 attack.t1033 detection.emerging-threats
Potential Process Injection Via Msra.EXE
Aug 12, 2024 · attack.defense-evasion attack.t1055
PowerShell ShellCode
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055 attack.execution attack.t1059.001
Process Creation Using Sysnative Folder
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
Rare Remote Thread Creation By Uncommon Source Image
Aug 12, 2024 · attack.privilege-escalation attack.defense-evasion attack.t1055
Remote Thread Created In Shell Application
Aug 12, 2024 · attack.defense-evasion attack.t1055
Remote Thread Creation By Uncommon Source Image
Aug 12, 2024 · attack.privilege-escalation attack.defense-evasion attack.t1055
Suspect Svchost Activity
Aug 12, 2024 · attack.defense-evasion attack.privilege-escalation attack.t1055
Suspicious Rundll32 Invoking Inline VBScript
Aug 12, 2024 · attack.defense-evasion attack.t1055
Suspicious Userinit Child Process
Aug 12, 2024 · attack.defense-evasion attack.t1055
Injected Browser Process Spawning Rundll32
Aug 10, 2024 · attack.defense_evasion attack.T1055
Rundll32 Injection into LSASS
Mar 26, 2024 · attack.defense_evasion attack.t1218 attack.t1218.011 attack.t1055
FlawedGrace spawning threat injection target
Feb 23, 2024 · attack.defense_evasion attack.t1055 dist.public
Network Connections Where There Should Not Be (Notepad)
Sep 1, 2023 · attack.privilege_escalation attack.t1055
Powershell Injecting Into Anything (RedCanary Threat Detection Report)
May 10, 2023 · attack.privilege_escalation attack.t1055
Process Executing Sans Command Line (RedCanary Threat Detection Report)
May 10, 2023 · attack.privilege_escalation attack.t1055
Suspicious Network Connections (RedCanary Threat Detection Report)
May 10, 2023 · attack.privilege_escalation attack.t1055
PowerShell Injecting into Other Process
Nov 9, 2022 · attack.privilege_escalation attack.t1055
Process Execution sans Command Lines
Nov 9, 2022 · attack.privilege_escalation attack.t1055