open-menu
closeme
Suspicious Command Arguments from Explorer or Wermgr
calendar
Sep 1, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
HackTool - PCHunter Execution
calendar
Aug 28, 2023
·
attack.execution
attack.discovery
attack.t1082
attack.t1057
attack.t1012
attack.t1083
attack.t1007
·
Share on:
twitter
facebook
linkedin
copy
PUA - System Informer Execution
calendar
Aug 28, 2023
·
attack.persistence
attack.privilege_escalation
attack.discovery
attack.defense_evasion
attack.t1082
attack.t1564
attack.t1543
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Kernel Dump Using Dtrace
calendar
Aug 28, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Container Residence Discovery Via Proc Virtual FS
calendar
Aug 24, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Docker Container Discovery Via Dockerenv Listing
calendar
Aug 24, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Potential Container Discovery Via Inodes Listing
calendar
Aug 24, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
OS Architecture Discovery Via Grep
calendar
Jun 2, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Potential GobRAT File Discovery Via Grep
calendar
Jun 2, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Potential System Information Discovery Via Wmic.EXE
calendar
May 5, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Domain User Enumeration Network Recon 01
calendar
Apr 21, 2023
·
attack.discovery
attack.t1087.002
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Reconnaissance Activity Using BuiltIn Commands
calendar
Apr 21, 2023
·
attack.discovery
attack.t1087
attack.t1082
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
System Information Discovery - Auditd
calendar
Mar 27, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
HackTool - winPEAS Execution
calendar
Mar 23, 2023
·
attack.privilege_escalation
attack.t1082
attack.t1087
attack.t1046
·
Share on:
twitter
facebook
linkedin
copy
CMD Shell Output Redirect
calendar
Mar 7, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Potential Suspicious Activity Using SeCEdit
calendar
Mar 5, 2023
·
attack.discovery
attack.persistence
attack.defense_evasion
attack.credential_access
attack.privilege_escalation
attack.t1562.002
attack.t1547.001
attack.t1505.005
attack.t1556.002
attack.t1562
attack.t1574.007
attack.t1564.002
attack.t1546.008
attack.t1546.007
attack.t1547.014
attack.t1547.010
attack.t1547.002
attack.t1557
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Execution of Hostname
calendar
Mar 5, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Network Reconnaissance Activity
calendar
Mar 2, 2023
·
attack.discovery
attack.t1087
attack.t1082
car.2016-03-001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Execution of Systeminfo
calendar
Mar 2, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Query of MachineGUID
calendar
Mar 2, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Driverquery Lookup
calendar
Jan 9, 2023
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Cisco Discovery
calendar
Jan 4, 2023
·
attack.discovery
attack.t1083
attack.t1201
attack.t1057
attack.t1018
attack.t1082
attack.t1016
attack.t1049
attack.t1033
attack.t1124
·
Share on:
twitter
facebook
linkedin
copy
System and Hardware Information Discovery
calendar
Nov 27, 2022
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
System Information Discovery
calendar
Oct 25, 2022
·
attack.discovery
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
to-top