open-menu
closeme
Insensitive Subfolder Search Via Findstr.EXE
calendar
Mar 11, 2024
·
attack.defense_evasion
attack.t1218
attack.t1564.004
attack.t1552.001
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Remote File Download Via Findstr.EXE
calendar
Mar 11, 2024
·
attack.defense_evasion
attack.t1218
attack.t1564.004
attack.t1552.001
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Suspicious File Download From File Sharing Websites
calendar
Feb 12, 2024
·
attack.defense_evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Unusual File Download From File Sharing Websites
calendar
Feb 12, 2024
·
attack.defense_evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use Short Name Path in Image
calendar
Feb 1, 2024
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
HackTool Named File Stream Created
calendar
Jan 15, 2024
·
attack.defense_evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Potential Rundll32 Execution With DLL Stored In ADS
calendar
Jan 1, 2024
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Unusual File Download from Direct IP Address
calendar
Jan 1, 2024
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Potential Hidden Directory Creation Via NTFS INDEX_ALLOCATION Stream - CLI
calendar
Oct 28, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use NTFS Short Name in Command Line
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use Short Name Path in Command Line
calendar
Oct 18, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
PrintBrm ZIP Creation of Extraction
calendar
Oct 17, 2023
·
attack.command_and_control
attack.t1105
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Potential Hidden Directory Creation Via NTFS INDEX_ALLOCATION Stream
calendar
Oct 12, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Use NTFS Short Name in Image
calendar
Jul 24, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Hidden Executable In NTFS Alternate Data Stream
calendar
May 15, 2023
·
attack.defense_evasion
attack.s0139
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Execute From Alternate Data Streams
calendar
Feb 21, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Run PowerShell Script from ADS
calendar
Feb 3, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
NTFS Alternate Data Stream
calendar
Jan 4, 2023
·
attack.defense_evasion
attack.t1564.004
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Powershell Store File In Alternate Data Stream
calendar
Jan 4, 2023
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Extrac32 Alternate Data Stream Execution
calendar
Dec 30, 2022
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Diantz Alternate Data Stream Execution
calendar
Dec 30, 2022
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
Exports Registry Key To an Alternate Data Stream
calendar
Oct 25, 2022
·
attack.defense_evasion
attack.t1564.004
·
Share on:
twitter
facebook
linkedin
copy
to-top