Potential Binary Proxy Execution Via Cdb.EXE
Apr 26, 2024
·
attack.execution
attack.t1106
attack.defense_evasion
attack.t1218
attack.t1127
·
Nullsoft Scriptable Installer Script (NSIS) execution
Feb 23, 2024
·
attack.execution
attack.t1106
dist.public
·
Nullsoft Scriptable Installer Script (NSIS) file creation
Feb 23, 2024
·
attack.execution
attack.t1106
dist.public
·
Suspicious Mshta.EXE Execution Patterns
Jan 1, 2024
·
attack.execution
attack.t1106
·
Potential Direct Syscall of NtOpenProcess
Dec 21, 2023
·
attack.execution
attack.t1106
·
HackTool - WinPwn Execution
Dec 4, 2023
·
attack.credential_access
attack.defense_evasion
attack.discovery
attack.execution
attack.privilege_escalation
attack.t1046
attack.t1082
attack.t1106
attack.t1518
attack.t1548.002
attack.t1552.001
attack.t1555
attack.t1555.003
·
HackTool - WinPwn Execution - ScriptBlock
Dec 4, 2023
·
attack.credential_access
attack.defense_evasion
attack.discovery
attack.execution
attack.privilege_escalation
attack.t1046
attack.t1082
attack.t1106
attack.t1518
attack.t1548.002
attack.t1552.001
attack.t1555
attack.t1555.003
·
HackTool - CobaltStrike BOF Injection Pattern
Dec 4, 2023
·
attack.execution
attack.t1106
attack.defense_evasion
attack.t1562.001
·
HackTool - HandleKatz Duplicating LSASS Handle
Dec 4, 2023
·
attack.execution
attack.t1106
attack.defense_evasion
attack.t1003.001
·
Potential WinAPI Calls Via CommandLine
Dec 1, 2023
·
attack.execution
attack.t1106
·
Turla Group Named Pipes
Oct 26, 2023
·
attack.g0010
attack.execution
attack.t1106
detection.emerging_threats
·
BPFDoor Abnormal Process ID or Lock File Accessed
Oct 17, 2023
·
attack.execution
attack.t1106
attack.t1059
·
Potential WinAPI Calls Via PowerShell Scripts
Jul 31, 2023
·
attack.execution
attack.t1059.001
attack.t1106
·
HackTool - RedMimicry Winnti Playbook Execution
Mar 2, 2023
·
attack.execution
attack.defense_evasion
attack.t1106
attack.t1059.003
attack.t1218.011
·