open-menu
closeme
AspNetCompiler Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
C# IL Code Compilation Via Ilasm.EXE
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Detection of PowerShell Execution via Sqlps.exe
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.001
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
JScript Compiler Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Kavremover Dropped Binary LOLBIN Usage
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Node Process Executions
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
attack.t1059.007
·
Share on:
twitter
facebook
linkedin
copy
Potential Arbitrary Code Execution Via Node.EXE
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Potential Binary Proxy Execution Via Cdb.EXE
calendar
Aug 12, 2024
·
attack.execution
attack.t1106
attack.defense-evasion
attack.t1218
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Potential Mftrace.EXE Abuse
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious ASP.NET Compilation Via AspNetCompiler
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Remote Thread Creation Ttdinject.exe Proxy
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
SQL Client Tools PowerShell Session Detection
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.001
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Child Process of AspNetCompiler
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Use of CSharp Interactive Console
calendar
Aug 12, 2024
·
attack.execution
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Use of Remote.exe
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Use of TTDInject.exe
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Use of VSIISExeLauncher.exe
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
Use of Wfc.exe
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1127
·
Share on:
twitter
facebook
linkedin
copy
to-top