open-menu
closeme
Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.009
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious Execution Of Regasm/Regsvcs With Uncommon Extension
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.009
·
Share on:
twitter
facebook
linkedin
copy
RegAsm.EXE Initiating Network Connection To Public IP
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.009
·
Share on:
twitter
facebook
linkedin
copy
DNS Query From Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
Download by Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
File Creation by Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
Network Connection From Process with Double File Extension
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.command_and_control
attack.t1218
attack.t1218.009
attack.t1071
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Process Injection to RegAsm
calendar
Jan 30, 2023
·
attack.defense_evasion
attack.t1218
attack.t1218.009
·
Share on:
twitter
facebook
linkedin
copy
to-top