HackTool - CoercedPotato Execution
Apr 15, 2024 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

Dllhost.EXE Execution Anomaly
Apr 1, 2024 · attack.defense_evasion, attack.t1055

Rundll32 Injection into LSASS
Mar 26, 2024 · attack.defense_evasion, attack.t1218, attack.t1218.011, attack.t1055

Microsoft Sync Center Suspicious Network Connections
Mar 13, 2024 · attack.t1055, attack.t1218, attack.execution, attack.defense_evasion

FlawedGrace spawning threat injection target
Feb 23, 2024 · attack.defense_evasion, attack.t1055, dist.public

Network Connection Initiated Via Notepad.EXE
Feb 12, 2024 · attack.command_and_control, attack.execution, attack.defense_evasion, attack.t1055

Potential Shellcode Injection
Jan 29, 2024 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

CobaltStrike Named Pipe Patterns
Jan 29, 2024 · attack.defense_evasion, attack.privilege_escalation, attack.t1055, stp.1k

PowerShell ShellCode
Jan 26, 2024 · attack.defense_evasion, attack.privilege_escalation, attack.t1055, attack.execution, attack.t1059.001

Rare Remote Thread Creation By Uncommon Source Image
Jan 23, 2024 · attack.privilege_escalation, attack.defense_evasion, attack.t1055

Remote Thread Creation By Uncommon Source Image
Jan 23, 2024 · attack.privilege_escalation, attack.defense_evasion, attack.t1055

Malicious Named Pipe Created
Dec 21, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

Process Creation Using Sysnative Folder
Dec 21, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

HackTool - EfsPotato Named Pipe Creation
Dec 21, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

Malware Shellcode in Verclsid Target Process
Dec 4, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055, detection.emerging_threats

Potential Process Injection Via Msra.EXE
Dec 1, 2023 · attack.defense_evasion, attack.t1055

Potential DLL Sideloading Using Coregen.exe
Nov 2, 2023 · attack.defense_evasion, attack.t1218, attack.t1055

Antivirus PrinterNightmare CVE-2021-34527 Exploit Detection
Oct 28, 2023 · attack.privilege_escalation, attack.t1055

DotNet CLR DLL Loaded By Scripting Applications
Oct 18, 2023 · attack.execution, attack.privilege_escalation, attack.t1055

Suspect Svchost Activity
Oct 18, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

Created Files by Microsoft Sync Center
Oct 17, 2023 · attack.t1055, attack.t1218, attack.execution, attack.defense_evasion

HackTool - CoercedPotato Named Pipe Creation
Oct 12, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

Network Connections Where There Should Not Be (Notepad)
Sep 1, 2023 · attack.privilege_escalation, attack.t1055

Suspicious Child Process Of Wermgr.EXE
Aug 28, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055, attack.t1036

Injected Browser Process Spawning Rundll32
Aug 8, 2023 · attack.defense_evasion, attack.T1055

CobaltStrike Named Pipe
Aug 7, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

CobaltStrike Named Pipe Pattern Regex
Aug 7, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055

APT PRIVATELOG Image Load Pattern
Jun 20, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055, detection.emerging_threats

Potential Dridex Activity
Jun 20, 2023 · attack.defense_evasion, attack.privilege_escalation, attack.t1055, attack.discovery, attack.t1135, attack.t1033, detection.emerging_threats

Powershell Injecting Into Anything (RedCanary Threat Detection Report)
May 10, 2023 · attack.privilege_escalation, attack.t1055

Process Executing Sans Command Line (RedCanary Threat Detection Report)
May 10, 2023 · attack.privilege_escalation, attack.t1055

Suspicious Network Connections (RedCanary Threat Detection Report)
May 10, 2023 · attack.privilege_escalation, attack.t1055

Suspicious Rundll32 Invoking Inline VBScript
Feb 21, 2023 · attack.defense_evasion, attack.t1055

HackTool - DInjector PowerShell Cradle Execution
Feb 5, 2023 · attack.defense_evasion, attack.t1055

Suspicious Userinit Child Process
Feb 1, 2023 · attack.defense_evasion, attack.t1055

PowerShell Injecting into Other Process
Nov 9, 2022 · attack.privilege_escalation, attack.t1055

Process Execution sans Command Lines
Nov 9, 2022 · attack.privilege_escalation, attack.t1055