open-menu
closeme
Suspicious Rundll32 Script in CommandLine
calendar
Dec 1, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Execution Without DLL File
calendar
Nov 20, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Bad Opsec Defaults Sacrificial Processes With Improper Arguments
calendar
Nov 15, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
NotPetya Ransomware Activity
calendar
Nov 10, 2023
·
attack.defense_evasion
attack.t1218.011
attack.t1070.001
attack.credential_access
attack.t1003.001
car.2016-04-002
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Remote Thread Creation Via PowerShell In Potentially Suspicious Target
calendar
Nov 10, 2023
·
attack.defense_evasion
attack.execution
attack.t1218.011
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
APT29 2018 Phishing Campaign CommandLine Indicators
calendar
Oct 18, 2023
·
attack.execution
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
CobaltStrike Load by Rundll32
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Equation Group DLL_U Export Function Load
calendar
Oct 18, 2023
·
attack.g0020
attack.defense_evasion
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Potential Emotet Rundll32 Execution
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Potential PowerShell Execution Via DLL
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Potentially Suspicious Rundll32 Activity
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Internet Connection
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1218.011
attack.execution
·
Share on:
twitter
facebook
linkedin
copy
Sofacy Trojan Loader Activity
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.execution
attack.g0007
attack.t1059.003
attack.t1218.011
car.2013-10-002
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Process Access via TrolleyExpress Exclusion
calendar
Oct 17, 2023
·
attack.defense_evasion
attack.t1218.011
attack.credential_access
attack.t1003.001
·
Share on:
twitter
facebook
linkedin
copy
RunDLL32 Spawning Explorer
calendar
Oct 17, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 UNC Path Execution
calendar
Oct 17, 2023
·
attack.defense_evasion
attack.execution
attack.t1021.002
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Potential Bumblebee Remote Thread Creation
calendar
Oct 15, 2023
·
attack.defense_evasion
attack.execution
attack.t1218.011
attack.t1059.001
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
SCR File Write Event
calendar
Sep 18, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
IcedID Malware Suspicious Single Digit DLL Execution Via Rundll32
calendar
Sep 7, 2023
·
attack.defense_evasion
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
ScreenSaver Registry Key Set
calendar
Aug 17, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 InstallScreenSaver Execution
calendar
Jul 13, 2023
·
attack.t1218.011
attack.defense_evasion
·
Share on:
twitter
facebook
linkedin
copy
APT29 2018 Phishing Campaign File Indicators
calendar
Jun 20, 2023
·
attack.execution
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
EvilNum APT Golden Chickens Deployment Via OCX Files
calendar
Jun 20, 2023
·
attack.defense_evasion
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Fireball Archer Install
calendar
Jun 20, 2023
·
attack.execution
attack.defense_evasion
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Rhadamanthys Stealer Module Launch Via Rundll32.EXE
calendar
Jun 20, 2023
·
attack.defense_evasion
attack.t1218.011
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
ZxShell Malware
calendar
Jun 20, 2023
·
attack.execution
attack.t1059.003
attack.defense_evasion
attack.t1218.011
attack.s0412
attack.g0001
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Application Bypass with DllRegisterServer Function (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Injection into LSASS (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Suspicious Process Lineage (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Without a Command Line (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Outbound Network Connection To Public IP Via Winlogon
calendar
Apr 28, 2023
·
attack.defense_evasion
attack.execution
attack.command_and_control
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
HTML Help HH.EXE Suspicious Child Process
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HH.EXE Execution
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Execution With Image Extension
calendar
Mar 17, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
HackTool - F-Secure C3 Load by Rundll32
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Control Panel DLL Load
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
HackTool - RedMimicry Winnti Playbook Execution
calendar
Mar 2, 2023
·
attack.execution
attack.defense_evasion
attack.t1106
attack.t1059.003
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Shell32 DLL Execution in Suspicious Directory
calendar
Mar 2, 2023
·
attack.defense_evasion
attack.execution
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Call by Ordinal
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Activity Invoking Sys File
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Setupapi.dll Activity
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Code Execution via Pcwutl.dll
calendar
Feb 9, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Application Bypass with RunDLL32 and DllRegisterServer Function
calendar
Nov 9, 2022
·
attack.defense_evasion
attack.t1218
attack.t1218.011
attack.s0650
attack.s0386
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 with Suspicious Export Functionalities
calendar
Nov 9, 2022
·
attack.defense_evasion
attack.t1218
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 with Suspicious Process Lineage
calendar
Nov 9, 2022
·
attack.defense_evasion
attack.t1218
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 without Command Line
calendar
Nov 9, 2022
·
attack.defense_evasion
attack.t1218
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
to-top