Arbitrary Command Execution Using WSL
Apr 12, 2023
·
attack.execution
attack.defense_evasion
attack.t1218
attack.t1202
·
Potential Arbitrary File Download Using Office Application
Apr 12, 2023
·
attack.defense_evasion
attack.t1202
·
Conhost Parent Process Executions
Apr 3, 2023
·
attack.defense_evasion
attack.t1202
·
Potential Arbitrary DLL Load Using Winword
Apr 3, 2023
·
attack.defense_evasion
attack.t1202
·
Findstr Launching .lnk File
Mar 7, 2023
·
attack.defense_evasion
attack.t1036
attack.t1202
attack.t1027.003
·
Suspicious High IntegrityLevel Conhost Legacy Option
Mar 5, 2023
·
attack.defense_evasion
attack.t1202
·
Suspicious Splwow64 Without Params
Mar 5, 2023
·
attack.defense_evasion
attack.t1202
·
Suspicious Runscripthelper.exe
Mar 2, 2023
·
attack.execution
attack.t1059
attack.defense_evasion
attack.t1202
·
Suspicious ZipExec Execution
Mar 2, 2023
·
attack.execution
attack.defense_evasion
attack.t1218
attack.t1202
·
Potential Binary Impersonating Sysinternals Tools
Feb 28, 2023
·
attack.execution
attack.defense_evasion
attack.t1218
attack.t1202
·
Application Whitelisting Bypass via Bginfo
Feb 21, 2023
·
attack.execution
attack.t1059.005
attack.defense_evasion
attack.t1218
attack.t1202
·
Renamed PAExec Execution
Feb 21, 2023
·
attack.defense_evasion
attack.t1202
·
Suspicious Rundll32 Without Any CommandLine Params
Feb 21, 2023
·
attack.defense_evasion
attack.t1202
·
Diagnostic Library Sdiageng.DLL Loaded By Msdt.EXE
Feb 20, 2023
·
attack.defense_evasion
attack.t1202
cve.2022.30190
·
Windows Binary Executed From WSL
Feb 16, 2023
·
attack.execution
attack.defense_evasion
attack.t1202
·
WSL Child Process Anomaly
Feb 14, 2023
·
attack.execution
attack.defense_evasion
attack.t1218
attack.t1202
·
Renamed ZOHO Dctask64 Execution
Feb 13, 2023
·
attack.defense_evasion
attack.t1036
attack.t1055.001
attack.t1202
attack.t1218
·
Suspicious Remote Child Process From Outlook
Feb 10, 2023
·
attack.execution
attack.t1059
attack.t1202
·
Outlook EnableUnsafeClientMailRules Setting Enabled
Feb 9, 2023
·
attack.execution
attack.t1059
attack.t1202
·
Potential Arbitrary Command Execution Using Msdt.EXE
Feb 8, 2023
·
attack.defense_evasion
attack.t1202
·
Renamed FTP.EXE Execution
Feb 7, 2023
·
attack.execution
attack.t1059
attack.defense_evasion
attack.t1202
·
Suspicious Cabinet File Execution Via Msdt.EXE
Feb 7, 2023
·
attack.defense_evasion
attack.t1202
·
VsCode Child Process Anomaly
Feb 6, 2023
·
attack.execution
attack.defense_evasion
attack.t1218
attack.t1202
·
Suspicious Service Binary Directory
Feb 1, 2023
·
attack.defense_evasion
attack.t1202
·
Troubleshooting Pack Cmdlet Execution
Feb 1, 2023
·
attack.defense_evasion
attack.t1202
·
Lolbin Ssh.exe Use As Proxy
Jan 26, 2023
·
attack.defense_evasion
attack.t1202
·
Use of Setres.exe
Dec 12, 2022
·
attack.defense_evasion
attack.t1218
attack.t1202
·
LOLBIN Execution Of The FTP.EXE Binary
Nov 10, 2022
·
attack.execution
attack.t1059
attack.defense_evasion
attack.t1202
·
Suspicious Cmdl32 Execution
Oct 28, 2022
·
attack.execution
attack.defense_evasion
attack.t1218
attack.t1202
·
Suspicious Subsystem for Linux Bash Execution
Oct 28, 2022
·
attack.defense_evasion
attack.t1202
·
Custom File Open Handler Executes PowerShell
Oct 26, 2022
·
attack.defense_evasion
attack.t1202