open-menu
closeme
Forest Blizzard APT - Custom Protocol Handler Creation
calendar
Apr 24, 2024
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Forest Blizzard APT - Custom Protocol Handler DLL Registry Set
calendar
Apr 24, 2024
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
New RUN Key Pointing to Suspicious Folder
calendar
Mar 26, 2024
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
PowerShell Startup Folder Persistence
calendar
Mar 26, 2024
·
attack.persistence
attack.privilege_escalation
attack.t1547
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Potential KamiKakaBot Activity - Winlogon Shell Persistence
calendar
Mar 25, 2024
·
attack.persistence
attack.t1547.001
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
File Creation In Suspicious Directory By Msdt.EXE
calendar
Jan 1, 2024
·
attack.persistence
attack.t1547.001
cve.2022.30190
·
Share on:
twitter
facebook
linkedin
copy
Potential Startup Shortcut Persistence Via PowerShell.EXE
calendar
Jan 1, 2024
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Registry Persistence via Explorer Run Key
calendar
Dec 21, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Startup Folder Persistence
calendar
Dec 1, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Suspicious Activity Using SeCEdit
calendar
Nov 2, 2023
·
attack.discovery
attack.persistence
attack.defense_evasion
attack.credential_access
attack.privilege_escalation
attack.t1562.002
attack.t1547.001
attack.t1505.005
attack.t1556.002
attack.t1562
attack.t1574.007
attack.t1564.002
attack.t1546.008
attack.t1546.007
attack.t1547.014
attack.t1547.010
attack.t1547.002
attack.t1557
attack.t1082
·
Share on:
twitter
facebook
linkedin
copy
Common Autorun Keys Modification
calendar
Oct 18, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
CurrentVersion Autorun Keys Modification
calendar
Oct 18, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
CurrentVersion NT Autorun Keys Modification
calendar
Oct 18, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Narrator's Feedback-Hub Persistence
calendar
Oct 18, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Office Autorun Keys Modification
calendar
Oct 18, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Wow6432Node CurrentVersion Autorun Keys Modification
calendar
Oct 18, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Leviathan Registry Key Activity
calendar
Oct 4, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Classes Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
CurrentControlSet Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Internet Explorer Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Modify User Shell Folders Startup Value
calendar
Aug 17, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Session Manager Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
attack.t1546.009
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Powershell In Registry Run Keys
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
System Scripts Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
VBScript Payload Stored in Registry
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
WinSock2 Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Wow6432Node Classes Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Wow6432Node Windows NT CurrentVersion Autorun Keys Modification
calendar
Aug 17, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Ryuk Ransomware Activity
calendar
Jun 20, 2023
·
attack.persistence
attack.t1547.001
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Suspicious VBScript UN2452 Pattern
calendar
Jun 20, 2023
·
attack.persistence
attack.t1547.001
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
AdSearch Reg Runkey Persistence Execution (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
AdSearch Startup Folder Persistence File Creation (RedCanary Threat Detection Report)
calendar
May 10, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Direct Autorun Keys Modification
calendar
Feb 21, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Startup Folder File Write
calendar
Feb 7, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Persistence Attempt Via Run Keys Using Reg.EXE
calendar
Feb 1, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Run Key from Download
calendar
Feb 1, 2023
·
attack.persistence
attack.t1547.001
·
Share on:
twitter
facebook
linkedin
copy
to-top