open-menu
closeme
Antivirus Hacktool Detection
calendar
Aug 12, 2024
·
attack.execution
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
Arbitrary Shell Command Execution Via Settingcontent-Ms
calendar
Aug 12, 2024
·
attack.t1204
attack.t1566.001
attack.execution
attack.initial-access
·
Share on:
twitter
facebook
linkedin
copy
DarkSide Ransomware Pattern
calendar
Aug 12, 2024
·
attack.execution
attack.t1204
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Payload Decoded and Decrypted via Built-in Utilities
calendar
Aug 12, 2024
·
attack.t1059
attack.t1204
attack.execution
attack.t1140
attack.defense-evasion
attack.s0482
attack.s0402
·
Share on:
twitter
facebook
linkedin
copy
Potential Snatch Ransomware Activity
calendar
Aug 12, 2024
·
attack.execution
attack.t1204
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious WebDAV LNK Execution
calendar
Aug 12, 2024
·
attack.execution
attack.t1059.001
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
PrinterNightmare Mimikatz Driver Name
calendar
Aug 12, 2024
·
attack.execution
attack.t1204
cve.2021-1675
cve.2021-34527
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Execution via macOS Script Editor
calendar
Aug 12, 2024
·
attack.t1566
attack.t1566.002
attack.initial-access
attack.t1059
attack.t1059.002
attack.t1204
attack.t1204.001
attack.execution
attack.persistence
attack.t1553
attack.defense-evasion
·
Share on:
twitter
facebook
linkedin
copy
Office Products Spawning WMI
calendar
Mar 26, 2024
·
attack.execution
attack.t1047
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
Qbot Mounted Drive Script Executions
calendar
Mar 26, 2024
·
attack.s0650
attack.execution
attack.t1059
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
Suspicious WebDAV LNK Execution
calendar
Aug 5, 2023
·
attack.execution
attack.t1059.001
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
Suspicious User-Initiated Process Execution on External Drive (Old)
calendar
Dec 28, 2022
·
attack.s0650
attack.s0483
attack.execution
attack.t1059
attack.t1204
attack.t1204.002
·
Share on:
twitter
facebook
linkedin
copy
Suspicious User-Initiated Process Execution on External Drive (Sysmon)
calendar
Dec 28, 2022
·
attack.s0650
attack.s0483
attack.execution
attack.t1059
attack.t1204
attack.t1204.002
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Command Line Indicating BlackCat Execution
calendar
Dec 6, 2022
·
attack.execution
attack.t1059
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Command Line Indicating BlackCat Execution with Get UUID Option
calendar
Dec 6, 2022
·
attack.execution
attack.t1059
attack.t1204
·
Share on:
twitter
facebook
linkedin
copy
to-top