open-menu
closeme
JXA In-memory Execution Via OSAScript
calendar
Dec 1, 2023
·
attack.t1059.002
attack.t1059.007
attack.execution
·
Share on:
twitter
facebook
linkedin
copy
Csc.EXE Execution Form Potentially Suspicious Parent
calendar
Nov 6, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
attack.defense_evasion
attack.t1218.005
attack.t1027.004
·
Share on:
twitter
facebook
linkedin
copy
WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
calendar
Oct 28, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Adwind RAT / JRAT
calendar
Oct 18, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Adwind RAT / JRAT File Artifact
calendar
Oct 18, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Cscript/Wscript Uncommon Script Extension Execution
calendar
Oct 18, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Potential SquiblyTwo Technique Execution
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1047
attack.t1220
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Node Process Executions
calendar
Oct 17, 2023
·
attack.defense_evasion
attack.t1127
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
WScript or CScript Dropper - File
calendar
Oct 17, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Potential In-Memory Download And Compile Of Payloads
calendar
Aug 22, 2023
·
attack.command_and_control
attack.execution
attack.t1059.007
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Adwind RAT / JRAT - Registry
calendar
Aug 17, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
HackTool - CACTUSTORCH Remote Thread Creation
calendar
May 5, 2023
·
attack.defense_evasion
attack.execution
attack.t1055.012
attack.t1059.005
attack.t1059.007
attack.t1218.005
·
Share on:
twitter
facebook
linkedin
copy
HTML Help HH.EXE Suspicious Child Process
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HH.EXE Execution
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
MSHTA Suspicious Execution 01
calendar
Feb 22, 2023
·
attack.defense_evasion
attack.t1140
attack.t1218.005
attack.execution
attack.t1059.007
cve.2020.1599
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Installer Package Child Process
calendar
Feb 21, 2023
·
attack.t1059
attack.t1059.007
attack.t1071
attack.t1071.001
attack.execution
attack.command_and_control
·
Share on:
twitter
facebook
linkedin
copy
HackTool - Koadic Execution
calendar
Feb 11, 2023
·
attack.execution
attack.t1059.003
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
WScript or CScript Dropper
calendar
Feb 1, 2023
·
attack.execution
attack.t1059.005
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
File Was Not Allowed To Run
calendar
Oct 25, 2022
·
attack.execution
attack.t1204.002
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.006
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
to-top