Network Connections Where There Should Not Be (Notepad)
Sep 1, 2023
attack.privilege_escalation
attack.t1055
Suspicious Child Process Of Wermgr.EXE
Aug 28, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
attack.t1036
CobaltStrike Named Pipe Patterns
Aug 8, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
Injected Browser Process Spawning Rundll32
Aug 8, 2023
attack.defense_evasion
attack.T1055
CobaltStrike Named Pipe
Aug 7, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
CobaltStrike Named Pipe Pattern Regex
Aug 7, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
HackTool - EfsPotato Named Pipe Creation
Aug 7, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
Malicious Named Pipe Created
Aug 7, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
APT PRIVATELOG Image Load Pattern
Jun 20, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
detection.emerging_threats
Potential Dridex Activity
Jun 20, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
attack.discovery
attack.t1135
attack.t1033
detection.emerging_threats
Dllhost.EXE Execution Anomaly
May 15, 2023
attack.defense_evasion
attack.t1055
Powershell Injecting Into Anything (RedCanary Threat Detection Report)
May 10, 2023
attack.privilege_escalation
attack.t1055
Process Executing Sans Command Line (RedCanary Threat Detection Report)
May 10, 2023
attack.privilege_escalation
attack.t1055
Suspicious Network Connections (RedCanary Threat Detection Report)
May 10, 2023
attack.privilege_escalation
attack.t1055
Remote Thread Creation By Uncommon Source Image
May 5, 2023
attack.privilege_escalation
attack.defense_evasion
attack.t1055
Potential DLL Sideloading Using Coregen.exe
Mar 15, 2023
attack.defense_evasion
attack.t1218
attack.t1055
Process Creation Using Sysnative Folder
Mar 5, 2023
attack.t1055
Suspect Svchost Activity
Mar 2, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
DotNet CLR DLL Loaded By Scripting Applications
Feb 23, 2023
attack.execution
attack.privilege_escalation
attack.t1055
Potential Process Injection Via Msra.EXE
Feb 21, 2023
attack.defense_evasion
attack.t1055
Suspicious Rundll32 Invoking Inline VBScript
Feb 21, 2023
attack.defense_evasion
attack.t1055
HackTool - DInjector PowerShell Cradle Execution
Feb 5, 2023
attack.defense_evasion
attack.t1055
Malware Shellcode in Verclsid Target Process
Feb 1, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
PowerShell ShellCode
Feb 1, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1055
attack.execution
attack.t1059.001
Suspicious Userinit Child Process
Feb 1, 2023
attack.defense_evasion
attack.t1055
Antivirus PrinterNightmare CVE-2021-34527 Exploit Detection
Jan 10, 2023
attack.privilege_escalation
attack.t1055
Potential Shellcode Injection
Dec 23, 2022
attack.defense_evasion
attack.privilege_escalation
attack.t1055
PowerShell Injecting into Other Process
Nov 9, 2022
attack.privilege_escalation
attack.t1055
Process Execution sans Command Lines
Nov 9, 2022
attack.privilege_escalation
attack.t1055
Microsoft Sync Center Suspicious Network Connections
Oct 26, 2022
attack.t1055
attack.t1218
attack.execution
attack.defense_evasion
Notepad Making Network Connection
Oct 26, 2022
attack.command_and_control
attack.execution
attack.defense_evasion
attack.t1055
Created Files by Microsoft Sync Center
Oct 26, 2022
attack.t1055
attack.t1218
attack.execution
attack.defense_evasion