open-menu
closeme
Potential Hidden Directory Creation Via NTFS INDEX_ALLOCATION Stream
calendar
Sep 2, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Potential Hidden Directory Creation Via NTFS INDEX_ALLOCATION Stream - CLI
calendar
Sep 2, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious File Download From File Sharing Websites - File Stream
calendar
Aug 23, 2024
·
attack.defense-evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Unusual File Download From File Sharing Websites - File Stream
calendar
Aug 23, 2024
·
attack.defense-evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Hidden Flag Set On File/Directory Via Chflags - MacOS
calendar
Aug 21, 2024
·
attack.defense-evasion
attack.t1218
attack.t1564.004
attack.t1552.001
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Execute From Alternate Data Streams
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Exports Registry Key To an Alternate Data Stream
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
HackTool Named File Stream Created
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Hidden Executable In NTFS Alternate Data Stream
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Insensitive Subfolder Search Via Findstr.EXE
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218
attack.t1564.004
attack.t1552.001
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
NTFS Alternate Data Stream
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Rundll32 Execution With DLL Stored In ADS
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Powershell Store File In Alternate Data Stream
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
PrintBrm ZIP Creation of Extraction
calendar
Aug 12, 2024
·
attack.command-and-control
attack.t1105
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Remote File Download Via Findstr.EXE
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1218
attack.t1564.004
attack.t1552.001
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Run PowerShell Script from ADS
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Diantz Alternate Data Stream Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Extrac32 Alternate Data Stream Execution
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Unusual File Download from Direct IP Address
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use NTFS Short Name in Command Line
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use NTFS Short Name in Image
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use Short Name Path in Command Line
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use Short Name Path in Image
calendar
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
to-top