Potential Data Exfiltration Via Curl.EXE
May 3, 2023
attack.exfiltration
attack.t1567
attack.t1105

Suspicious Curl File Upload - Linux
May 3, 2023
attack.exfiltration
attack.t1567
attack.t1105

Suspicious Invoke-WebRequest Execution With DirectIP
Apr 24, 2023
attack.command_and_control
attack.t1105

Suspicious Invoke-WebRequest Execution
Apr 21, 2023
attack.command_and_control
attack.t1105

Microsoft Binary Suspicious Communication Endpoint
Apr 20, 2023
attack.lateral_movement
attack.t1105

Connection Initiated Via Certutil.EXE
Apr 18, 2023
attack.command_and_control
attack.t1105

Potential Arbitrary File Download Via MSEdge.EXE
Apr 14, 2023
attack.command_and_control
attack.t1105

File Download with Headless Browser
Apr 12, 2023
attack.command_and_control
attack.t1105

Import LDAP Data Interchange Format File Via Ldifde.EXE
Mar 15, 2023
attack.command_and_control
attack.defense_evasion
attack.t1218
attack.t1105

Command Line Execution with Suspicious URL and AppData Strings
Mar 7, 2023
attack.execution
attack.command_and_control
attack.t1059.003
attack.t1059.001
attack.t1105

Curl Download And Execute Combination
Mar 7, 2023
attack.execution
attack.t1218
attack.command_and_control
attack.t1105

Remote File Download via Desktopimgdownldr Utility
Mar 5, 2023
attack.command_and_control
attack.t1105

Suspicious Desktopimgdownldr Command
Mar 5, 2023
attack.command_and_control
attack.t1105

File Download Using Notepad++ GUP Utility
Mar 2, 2023
attack.command_and_control
attack.t1105

Windows Update Client LOLBIN
Mar 2, 2023
attack.command_and_control
attack.execution
attack.t1105
attack.t1218

File Download Via Curl.EXE
Feb 28, 2023
attack.command_and_control
attack.t1105

Suspicious Curl.EXE Download
Feb 28, 2023
attack.command_and_control
attack.t1105

Curl.EXE Execution
Feb 21, 2023
attack.command_and_control
attack.t1105

Finger.exe Suspicious Invocation
Feb 21, 2023
attack.command_and_control
attack.t1105

GfxDownloadWrapper.exe Downloads File from Suspicious URL
Feb 21, 2023
attack.command_and_control
attack.t1105

MsiExec Web Install
Feb 21, 2023
attack.defense_evasion
attack.t1218.007
attack.command_and_control
attack.t1105

PowerShell DownloadFile
Feb 21, 2023
attack.execution
attack.t1059.001
attack.command_and_control
attack.t1104
attack.t1105

PUA - Nimgrab Execution
Feb 13, 2023
attack.command_and_control
attack.t1105

Suspicious File Download Using Office Application
Feb 6, 2023
attack.command_and_control
attack.t1105

Curl Usage on Linux
Feb 1, 2023
attack.command_and_control
attack.t1105

Download from Suspicious Dyndns Hosts
Feb 1, 2023
attack.defense_evasion
attack.command_and_control
attack.t1105
attack.t1568

Pandemic Registry Key
Feb 1, 2023
attack.lateral_movement
attack.t1105

Potential Download/Upload Activity Using Type Command
Feb 1, 2023
attack.command_and_control
attack.t1105

Suspicious Certreq Command to Download
Feb 1, 2023
attack.command_and_control
attack.t1105

Suspicious Desktopimgdownldr Target File
Feb 1, 2023
attack.defense_evasion
attack.t1105

Suspicious File Download via CertOC.exe
Feb 1, 2023
attack.command_and_control
attack.t1105

Suspicious Program Location with Network Connections
Feb 1, 2023
attack.command_and_control
attack.t1105

Download a File with IMEWDBLD.exe
Jan 27, 2023
attack.command_and_control
attack.t1105

AppX Package Installation Attempts Via AppInstaller
Jan 12, 2023
attack.command_and_control
attack.t1105

Operator Bring Your Own Tools
Jan 8, 2023
attack.command_and_control
attack.t1105

Cisco Stage Data
Jan 4, 2023
attack.collection
attack.lateral_movement
attack.command_and_control
attack.exfiltration
attack.t1074
attack.t1105
attack.t1560.001

Abusing Findstr for Defense Evasion
Oct 28, 2022
attack.defense_evasion
attack.t1218
attack.t1564.004
attack.t1552.001
attack.t1105

PrintBrm ZIP Creation of Extraction
Oct 28, 2022
attack.command_and_control
attack.t1105
attack.defense_evasion
attack.t1564.004

Replace.exe Usage
Oct 28, 2022
attack.command_and_control
attack.t1105

Suspicious Diantz Download and Compress Into a CAB File
Oct 28, 2022
attack.command_and_control
attack.t1105

Suspicious Extrac32 Execution
Oct 28, 2022
attack.command_and_control
attack.t1105

Windows Defender Download Activity
Oct 28, 2022
attack.defense_evasion
attack.t1218
attack.command_and_control
attack.t1105

Script Initiated Connection
Oct 26, 2022
attack.command_and_control
attack.t1105

Script Initiated Connection to Non-Local Network
Oct 26, 2022
attack.command_and_control
attack.t1105

Lolbas OneDriveStandaloneUpdater.exe Proxy Download
Oct 26, 2022
attack.command_and_control
attack.t1105

Executable from Webdav
Oct 25, 2022
attack.command_and_control
attack.t1105

Remote File Copy
Oct 25, 2022
attack.command_and_control
attack.lateral_movement
attack.t1105