open-menu
closeme
Potentially Suspicious Rundll32 Activity
calendar
May 17, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Remote Thread Creation Via PowerShell In Rundll32
calendar
May 5, 2023
·
attack.defense_evasion
attack.execution
attack.t1218.011
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Outbound Network Connection To Public IP Via Winlogon
calendar
Apr 28, 2023
·
attack.defense_evasion
attack.execution
attack.command_and_control
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
HTML Help HH.EXE Suspicious Child Process
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HH.EXE Execution
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Execution With Image Extension
calendar
Mar 17, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Bad Opsec Defaults Sacrificial Processes With Improper Arguments
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
CobaltStrike Load by Rundll32
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
HackTool - F-Secure C3 Load by Rundll32
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Process Access via TrolleyExpress Exclusion
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
attack.credential_access
attack.t1003.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Control Panel DLL Load
calendar
Mar 5, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
HackTool - RedMimicry Winnti Playbook Execution
calendar
Mar 2, 2023
·
attack.execution
attack.defense_evasion
attack.t1106
attack.t1059.003
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Shell32 DLL Execution in Suspicious Directory
calendar
Mar 2, 2023
·
attack.defense_evasion
attack.execution
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
SCR File Write Event
calendar
Feb 24, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
RunDLL32 Spawning Explorer
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Call by Ordinal
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Activity Invoking Sys File
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Script in CommandLine
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Rundll32 Setupapi.dll Activity
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Code Execution via Pcwutl.dll
calendar
Feb 9, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 InstallScreenSaver Execution
calendar
Feb 9, 2023
·
attack.t1218.011
attack.defense_evasion
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Internet Connection
calendar
Feb 5, 2023
·
attack.defense_evasion
attack.t1218.011
attack.execution
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 UNC Path Execution
calendar
Feb 1, 2023
·
attack.defense_evasion
attack.execution
attack.t1021.002
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
Potential PowerShell Execution Via DLL
calendar
Jan 26, 2023
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
ScreenSaver Registry Key Set
calendar
Oct 26, 2022
·
attack.defense_evasion
attack.t1218.011
·
Share on:
twitter
facebook
linkedin
copy
to-top