open-menu
closeme
HackTool - WinPwn Execution
calendar
Oct 1, 2024
·
attack.credential-access
attack.defense-evasion
attack.discovery
attack.execution
attack.privilege-escalation
attack.t1046
attack.t1082
attack.t1106
attack.t1518
attack.t1548.002
attack.t1552.001
attack.t1555
attack.t1555.003
·
Share on:
twitter
facebook
linkedin
copy
HackTool - WinPwn Execution - ScriptBlock
calendar
Oct 1, 2024
·
attack.credential-access
attack.defense-evasion
attack.discovery
attack.execution
attack.privilege-escalation
attack.t1046
attack.t1082
attack.t1106
attack.t1518
attack.t1548.002
attack.t1552.001
attack.t1555
attack.t1555.003
·
Share on:
twitter
facebook
linkedin
copy
BPFDoor Abnormal Process ID or Lock File Accessed
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
attack.t1059
·
Share on:
twitter
facebook
linkedin
copy
HackTool - CobaltStrike BOF Injection Pattern
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
attack.defense-evasion
attack.t1562.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - HandleKatz Duplicating LSASS Handle
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
attack.defense-evasion
attack.t1003.001
·
Share on:
twitter
facebook
linkedin
copy
HackTool - RedMimicry Winnti Playbook Execution
calendar
Aug 12, 2024
·
attack.execution
attack.defense-evasion
attack.t1106
attack.t1059.003
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Potential Binary Proxy Execution Via Cdb.EXE
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
attack.defense-evasion
attack.t1218
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Potential Direct Syscall of NtOpenProcess
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
·
Share on:
twitter
facebook
linkedin
copy
Potential WinAPI Calls Via CommandLine
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
·
Share on:
twitter
facebook
linkedin
copy
Potential WinAPI Calls Via PowerShell Scripts
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.001
attack.t1106
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Mshta.EXE Execution Patterns
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
·
Share on:
twitter
facebook
linkedin
copy
Turla Group Named Pipes
calendar
Aug 12, 2024
·
attack.g0010
attack.execution
attack.t1106
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Nullsoft Scriptable Installer Script (NSIS) execution
calendar
Feb 23, 2024
·
attack.execution
attack.t1106
dist.public
·
Share on:
twitter
facebook
linkedin
copy
Nullsoft Scriptable Installer Script (NSIS) file creation
calendar
Feb 23, 2024
·
attack.execution
attack.t1106
dist.public
·
Share on:
twitter
facebook
linkedin
copy
to-top