HackTool - LittleCorporal Generated Maldoc Injection
Dec 4, 2023
·
attack.execution
attack.t1204.002
attack.t1055.003
·
Suspicious Binary In User Directory Spawned From Office Application
Dec 1, 2023
·
attack.execution
attack.t1204.002
attack.g0046
car.2013-05-002
·
Suspicious Microsoft Office Child Process - MacOS
Dec 1, 2023
·
attack.execution
attack.persistence
attack.t1059.002
attack.t1137.002
attack.t1204.002
·
Suspicious WmiPrvSE Child Process
Nov 10, 2023
·
attack.execution
attack.defense_evasion
attack.t1047
attack.t1204.002
attack.t1218.010
·
File With Uncommon Extension Created By An Office Application
Oct 18, 2023
·
attack.t1204.002
attack.execution
·
Suspicious Microsoft Office Child Process
Oct 18, 2023
·
attack.defense_evasion
attack.execution
attack.t1047
attack.t1204.002
attack.t1218.010
·
Suspicious Outlook Child Process
Oct 18, 2023
·
attack.execution
attack.t1204.002
·
Remote DLL Load Via Rundll32.EXE
Oct 4, 2023
·
attack.execution
attack.t1204.002
·
New Application in AppCompat
Aug 17, 2023
·
attack.execution
attack.t1204.002
·
Droppers Exploiting CVE-2017-11882
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.11882
detection.emerging_threats
·
Exploit for CVE-2017-0261
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.0261
detection.emerging_threats
·
Exploit for CVE-2017-8759
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.8759
detection.emerging_threats
·
Potential Maze Ransomware Activity
Jun 20, 2023
·
attack.execution
attack.t1204.002
attack.t1047
attack.impact
attack.t1490
detection.emerging_threats
·
Download From Suspicious TLD - Blacklist
May 18, 2023
·
attack.initial_access
attack.t1566
attack.execution
attack.t1203
attack.t1204.002
·
Download From Suspicious TLD - Whitelist
May 18, 2023
·
attack.initial_access
attack.t1566
attack.execution
attack.t1203
attack.t1204.002
·
Microsoft Excel Add-In Loaded From Uncommon Location
May 15, 2023
·
attack.execution
attack.t1204.002
·
File Creation by Office Applications
Apr 21, 2023
·
attack.t1204.002
attack.t1047
attack.t1218.010
attack.execution
attack.defense_evasion
·
Active Directory Kerberos DLL Loaded Via Office Application
Apr 3, 2023
·
attack.execution
attack.t1204.002
·
Active Directory Parsing DLL Loaded Via Office Application
Apr 3, 2023
·
attack.execution
attack.t1204.002
·
CLR DLL Loaded Via Office Applications
Apr 3, 2023
·
attack.execution
attack.t1204.002
·
DotNET Assembly DLL Loaded Via Office Application
Apr 3, 2023
·
attack.execution
attack.t1204.002
·
Suspicious WMIC Execution Via Office Process
Feb 14, 2023
·
attack.t1204.002
attack.t1047
attack.t1218.010
attack.execution
attack.defense_evasion
·
GAC DLL Loaded Via Office Applications
Feb 9, 2023
·
attack.execution
attack.t1204.002
·
Microsoft VBA For Outlook Addin Loaded Via Outlook
Feb 9, 2023
·
attack.execution
attack.t1204.002
·
VBA DLL Loaded Via Office Application
Feb 9, 2023
·
attack.execution
attack.t1204.002
·
Flash Player Update from Suspicious Location
Feb 1, 2023
·
attack.initial_access
attack.t1189
attack.execution
attack.t1204.002
attack.defense_evasion
attack.t1036.005
·
Ursnif Malware C2 URL Pattern
Jan 31, 2023
·
attack.initial_access
attack.t1566.001
attack.execution
attack.t1204.002
attack.command_and_control
attack.t1071.001
·
Suspicious User-Initiated Process Execution on External Drive (Old)
Dec 28, 2022
·
attack.s0650
attack.s0483
attack.execution
attack.t1059
attack.t1204
attack.t1204.002
·
Suspicious User-Initiated Process Execution on External Drive (Sysmon)
Dec 28, 2022
·
attack.s0650
attack.s0483
attack.execution
attack.t1059
attack.t1204
attack.t1204.002
·
File Was Not Allowed To Run
Oct 25, 2022
·
attack.execution
attack.t1204.002
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.006
attack.t1059.007
·
ms-msdt for RCE CVE-2022-30190
Jun 2, 2022
·
attack.execution
attack.T1059.003
attack.T1204.002
·
ms-msdt for RCE - sdiagnhost.exe spawning command
May 30, 2022
·
attack.execution
attack.T1059.003
attack.T1204.002
·