PCRE.NET Package Image Load
Jun 1, 2023
·
attack.execution
attack.t1059
Wscript Shell Run In CommandLine
May 17, 2023
·
attack.execution
attack.t1059
PowerShell Download and Execution Cradles
May 9, 2023
·
attack.execution
attack.t1059
Suspicious File Created In PerfLogs
May 5, 2023
·
attack.execution
attack.t1059
Potential Netcat Reverse Shell Execution
Apr 25, 2023
·
attack.execution
attack.t1059
Potential Xterm Reverse Shell
Apr 25, 2023
·
attack.execution
attack.t1059
Python Spawning Pretty TTY
Apr 25, 2023
·
attack.execution
attack.t1059
HackTool - Stracciatella Execution
Apr 21, 2023
·
attack.execution
attack.defense_evasion
attack.t1059
attack.t1562.001
Suspicious Elevated System Shell
Apr 20, 2023
·
attack.privilege_escalation
attack.defense_evasion
attack.execution
attack.t1059
Add Insecure Download Source To Winget
Apr 19, 2023
·
attack.defense_evasion
attack.execution
attack.t1059
Install New Package Via Winget Local Manifest
Apr 19, 2023
·
attack.defense_evasion
attack.execution
attack.t1059
Add New Download Source To Winget
Apr 18, 2023
·
attack.defense_evasion
attack.execution
attack.t1059
Add Potential Suspicious New Download Source To Winget
Apr 18, 2023
·
attack.defense_evasion
attack.execution
attack.t1059
Suspicious Greedy Compression Using Rar.EXE
Apr 12, 2023
·
attack.execution
attack.t1059
Conhost Spawned By Uncommon Parent Process
Apr 11, 2023
·
attack.execution
attack.t1059
Suspicious Browser Child Process - MacOS
Apr 5, 2023
·
attack.initial_access
attack.execution
attack.t1189
attack.t1203
attack.t1059
Potential CobaltStrike Process Patterns
Apr 3, 2023
·
attack.execution
attack.t1059
Potential Dosfuscation Activity
Mar 7, 2023
·
attack.execution
attack.t1059
Unusual Parent Process For Cmd.EXE
Mar 7, 2023
·
attack.execution
attack.t1059
Wscript Execution from Non C Drive
Mar 7, 2023
·
attack.execution
attack.t1059
HackTool - Sliver C2 Implant Activity Pattern
Mar 5, 2023
·
attack.execution
attack.t1059
Suspicious RASdial Activity
Mar 5, 2023
·
attack.defense_evasion
attack.execution
attack.t1059
Suspicious Scan Loop Network
Mar 5, 2023
·
attack.execution
attack.t1059
attack.discovery
attack.t1018
Sysprep on AppData Folder
Mar 5, 2023
·
attack.execution
attack.t1059
VMToolsd Suspicious Child Process
Mar 5, 2023
·
attack.execution
attack.persistence
attack.t1059
Suspicious Runscripthelper.exe
Mar 2, 2023
·
attack.execution
attack.t1059
attack.defense_evasion
attack.t1202
Suspicious Installer Package Child Process
Feb 21, 2023
·
attack.t1059
attack.t1059.007
attack.t1071
attack.t1071.001
attack.execution
attack.command_and_control
Writing Of Malicious Files To The Fonts Folder
Feb 21, 2023
·
attack.t1211
attack.t1059
attack.defense_evasion
attack.persistence
Python Inline Command Execution
Feb 17, 2023
·
attack.execution
attack.t1059
PUA - Wsudo Suspicious Execution
Feb 13, 2023
·
attack.execution
attack.privilege_escalation
attack.t1059
Suspicious Remote Child Process From Outlook
Feb 10, 2023
·
attack.execution
attack.t1059
attack.t1202
Outlook EnableUnsafeClientMailRules Setting Enabled
Feb 9, 2023
·
attack.execution
attack.t1059
attack.t1202
Renamed FTP.EXE Execution
Feb 7, 2023
·
attack.execution
attack.t1059
attack.defense_evasion
attack.t1202
Python Spawning Pretty TTY on Windows
Feb 4, 2023
·
attack.execution
attack.t1059
Run PowerShell Script from Redirected Input Stream
Feb 3, 2023
·
attack.defense_evasion
attack.execution
attack.t1059
Atlassian Confluence CVE-2022-26134
Feb 1, 2023
·
attack.initial_access
attack.execution
attack.t1190
attack.t1059
cve.2022.26134
Hacktool Ruler
Feb 1, 2023
·
attack.discovery
attack.execution
attack.t1087
attack.t1114
attack.t1059
attack.t1550.002
Perl Inline Command Execution
Feb 1, 2023
·
attack.execution
attack.t1059
Php Inline Command Execution
Feb 1, 2023
·
attack.execution
attack.t1059
Ruby Inline Command Execution
Feb 1, 2023
·
attack.execution
attack.t1059
Script Interpreter Execution From Suspicious Folder
Feb 1, 2023
·
attack.execution
attack.t1059
Suspicious Java Children Processes
Feb 1, 2023
·
attack.execution
attack.t1059
Suspicious Script Execution From Temp Folder
Feb 1, 2023
·
attack.execution
attack.t1059
Use of Forfiles For Execution
Feb 1, 2023
·
attack.execution
attack.t1059
Use of OpenConsole
Feb 1, 2023
·
attack.execution
attack.t1059
Use of Pcalua For Execution
Feb 1, 2023
·
attack.execution
attack.t1059
Fsutil Behavior Set SymlinkEvaluation
Jan 19, 2023
·
attack.execution
attack.t1059
Windows Defender Exclusions Added - PowerShell
Jan 4, 2023
·
attack.defense_evasion
attack.t1562
attack.execution
attack.t1059
Suspicious Execution via macOS Script Editor
Dec 29, 2022
·
attack.t1566
attack.t1566.002
attack.initial_access
attack.t1059
attack.t1059.002
attack.t1204
attack.t1204.001
attack.execution
attack.persistence
attack.t1553
attack.defense_evasion
Windows Defender AMSI Trigger Detected
Dec 7, 2022
·
attack.execution
attack.t1059