open-menu
closeme
Adwind RAT / JRAT
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.005
attack.t1059.007
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Adwind RAT / JRAT File Artifact
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Csc.EXE Execution Form Potentially Suspicious Parent
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.005
attack.t1059.007
attack.defense-evasion
attack.t1218.005
attack.t1027.004
·
Share on:
twitter
facebook
linkedin
copy
Cscript/Wscript Uncommon Script Extension Execution
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
File Was Not Allowed To Run
calendar
Aug 12, 2024
·
attack.execution
attack.t1204.002
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.006
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
HackTool - CACTUSTORCH Remote Thread Creation
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.t1055.012
attack.t1059.005
attack.t1059.007
attack.t1218.005
·
Share on:
twitter
facebook
linkedin
copy
HackTool - Koadic Execution
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.003
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
HTML Help HH.EXE Suspicious Child Process
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.initial-access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
JXA In-memory Execution Via OSAScript
calendar
Aug 12, 2024
·
attack.t1059.002
attack.t1059.007
attack.execution
·
Share on:
twitter
facebook
linkedin
copy
MSHTA Suspicious Execution 01
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1140
attack.t1218.005
attack.execution
attack.t1059.007
cve.2020-1599
·
Share on:
twitter
facebook
linkedin
copy
Node Process Executions
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Potential Dropper Script Execution Via WScript/CScript
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Potential In-Memory Download And Compile Of Payloads
calendar
Aug 12, 2024
·
attack.command-and-control
attack.execution
attack.t1059.007
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Potential SquiblyTwo Technique Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1047
attack.t1220
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HH.EXE Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.initial-access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Installer Package Child Process
calendar
Aug 12, 2024
·
attack.t1059
attack.t1059.007
attack.t1071
attack.t1071.001
attack.execution
attack.command-and-control
·
Share on:
twitter
facebook
linkedin
copy
WScript or CScript Dropper - File
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
to-top