open-menu
closeme
DNS Query To Devtunnels Domain
calendar
Oct 1, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
DNS Query To Visual Studio Code Tunnels Domain
calendar
Oct 1, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Visual Studio Code Tunnel Execution
calendar
Sep 2, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Visual Studio Code Tunnel Service Installation
calendar
Sep 2, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Visual Studio Code Tunnel Shell Execution
calendar
Sep 2, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
APT User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
APT40 Dropbox Tool User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
Bitsadmin to Uncommon IP Server Address
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
attack.defense-evasion
attack.persistence
attack.t1197
attack.s0190
·
Share on:
twitter
facebook
linkedin
copy
Bitsadmin to Uncommon TLD
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
attack.defense-evasion
attack.persistence
attack.t1197
attack.s0190
·
Share on:
twitter
facebook
linkedin
copy
Chafer Malware URL Pattern
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Change User Agents with WebRequest
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Cloudflared Tunnels Related DNS Requests
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
ComRAT Network Communication
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.command-and-control
attack.t1071.001
attack.g0010
·
Share on:
twitter
facebook
linkedin
copy
Crypto Miner User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Exploit Framework User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - BabyShark Agent Default URL Pattern
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - CobaltStrike Malleable Profile Patterns - Proxy
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - Empire UserAgent URI Combo
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
HTTP Request With Empty User Agent
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Malware User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Outbound Network Connection Initiated By Microsoft Dialer
calendar
Aug 12, 2024
·
attack.execution
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Base64 Encoded User-Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
PwnDrp Access
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
attack.t1102.001
attack.t1102.003
·
Share on:
twitter
facebook
linkedin
copy
Raw Paste Service Access
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
attack.t1102.001
attack.t1102.003
attack.defense-evasion
·
Share on:
twitter
facebook
linkedin
copy
Renamed Visual Studio Code Tunnel Execution
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Base64 Encoded User-Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Curl Change User Agents - Linux
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Installer Package Child Process
calendar
Aug 12, 2024
·
attack.t1059
attack.t1059.007
attack.t1071
attack.t1071.001
attack.execution
attack.command-and-control
·
Share on:
twitter
facebook
linkedin
copy
Suspicious User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Telegram API Access
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.command-and-control
attack.t1071.001
attack.t1102.002
·
Share on:
twitter
facebook
linkedin
copy
Ursnif Malware C2 URL Pattern
calendar
Aug 12, 2024
·
attack.initial-access
attack.t1566.001
attack.execution
attack.t1204.002
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Ursnif Malware Download URL Pattern
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Wannacry Killswitch Domain
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Windows PowerShell User Agent
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
Windows WebDAV User Agent
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
to-top