open-menu
closeme
DNS Query Request By Regsvr32.EXE
calendar
Aug 12, 2024
·
attack.execution
attack.t1559.001
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
HTML Help HH.EXE Suspicious Child Process
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.initial-access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Network Connection Initiated By Regsvr32.EXE
calendar
Aug 12, 2024
·
attack.execution
attack.t1559.001
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Potential APT-C-12 BlueMushroom DLL Load Activity Via Regsvr32
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Potential EmpireMonkey Activity
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
detection.emerging-threats
·
Share on:
twitter
facebook
linkedin
copy
Potential Regsvr32 Commandline Flag Anomaly
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious Child Process Of Regsvr32
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious Regsvr32 HTTP IP Pattern
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious Regsvr32 HTTP/FTP Pattern
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Regsvr32 DLL Execution With Suspicious File Extension
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Regsvr32 Execution From Highly Suspicious Location
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Regsvr32 Execution From Potential Suspicious Location
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Scripting/CommandLine Process Spawned Regsvr32
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HH.EXE Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.initial-access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Microsoft Office Child Process
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.t1047
attack.t1204.002
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Regsvr32 Execution From Remote Share
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Suspicious WMIC Execution Via Office Process
calendar
Aug 12, 2024
·
attack.t1204.002
attack.t1047
attack.t1218.010
attack.execution
attack.defense-evasion
·
Share on:
twitter
facebook
linkedin
copy
Suspicious WmiPrvSE Child Process
calendar
Aug 12, 2024
·
attack.execution
attack.defense-evasion
attack.t1047
attack.t1204.002
attack.t1218.010
·
Share on:
twitter
facebook
linkedin
copy
Unsigned DLL Loaded by Windows Utility
calendar
Aug 12, 2024
·
attack.t1218.011
attack.t1218.010
attack.defense-evasion
·
Share on:
twitter
facebook
linkedin
copy
File Creation by Office Applications
calendar
Apr 21, 2023
·
attack.t1204.002
attack.t1047
attack.t1218.010
attack.execution
attack.defense_evasion
·
Share on:
twitter
facebook
linkedin
copy
to-top