open-menu
closeme
Potentially Suspicious Rundll32.EXE Execution of UDL File
calendar
Aug 16, 2024
·
attack.execution
attack.t1218.011
attack.t1071
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Execution of UDL File
calendar
Aug 16, 2024
·
attack.execution
attack.t1218.011
attack.t1071
·
Share on:
twitter
facebook
linkedin
copy
GALLIUM Artefacts - Builtin
calendar
Aug 12, 2024
·
attack.credential-access
attack.command-and-control
attack.t1071
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
GALLIUM IOCs
calendar
Aug 12, 2024
·
attack.credential-access
attack.command-and-control
attack.t1212
attack.t1071
attack.g0093
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SILENTTRINITY Stager DLL Load
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SILENTTRINITY Stager Execution
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1071
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Installer Package Child Process
calendar
Aug 12, 2024
·
attack.t1059
attack.t1059.007
attack.t1071
attack.t1071.001
attack.execution
attack.command-and-control
·
Share on:
twitter
facebook
linkedin
copy
DNSCat2 Powershell Implementation Detection Via Process Creation
calendar
Apr 21, 2023
·
attack.command_and_control
attack.t1071
attack.t1071.004
attack.t1001.003
attack.t1041
·
Share on:
twitter
facebook
linkedin
copy
DNS Query From Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
Download by Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
File Creation by Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
Network Connection From Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
to-top