PUA - Process Hacker Execution
Nov 1, 2024
·
attack.defense-evasion
attack.discovery
attack.persistence
attack.privilege-escalation
attack.t1622
attack.t1564
attack.t1543
CrashControl CrashDump Disabled
Aug 12, 2024
·
attack.t1564
attack.t1112
Detect Virtualbox Driver Installation OR Starting Of VMs
Aug 12, 2024
·
attack.defense-evasion
attack.t1564.006
attack.t1564
Mount Execution With Hidepid Parameter
Aug 12, 2024
·
attack.credential-access
attack.t1564
Potentially Suspicious Execution From Parent Process In Public Folder
Aug 12, 2024
·
attack.defense-evasion
attack.execution
attack.t1564
attack.t1059
PUA - System Informer Execution
Aug 12, 2024
·
attack.persistence
attack.privilege-escalation
attack.discovery
attack.defense-evasion
attack.t1082
attack.t1564
attack.t1543
Suspicious Creation with Colorcpl
Aug 12, 2024
·
attack.defense-evasion
attack.t1564
Suspicious Executable File Creation
Aug 12, 2024
·
attack.defense-evasion
attack.t1564
Sysmon Configuration Error
Aug 12, 2024
·
attack.defense-evasion
attack.t1564
Sysmon Configuration Modification
Aug 12, 2024
·
attack.defense-evasion
attack.t1564
ISO, VHD, LNK or IMG File Extracted from Zip (Sysmon)
Dec 28, 2022
·
attack.s0650
attack.s0483
attack.defense_evasion
attack.t1027
attack.t1027.006
attack.t1564
Suspicious Process Execution in PerfLogs Directory
Dec 6, 2022
·
attack.defense_evasion
attack.t1564