open-menu
closeme
ISO or Image Mount Indicator in Recent Files
calendar
Aug 28, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Password Protected ZIP File Opened (Email Attachment)
calendar
Aug 28, 2023
·
attack.defense_evasion
attack.initial_access
attack.t1027
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Windows Registry Trust Record Modification
calendar
Jul 13, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
ISO Image Mount
calendar
Jun 22, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
ISO File Created Within Temp Folders
calendar
Jun 22, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Droppers Exploiting CVE-2017-11882
calendar
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.11882
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Exploit for CVE-2017-0261
calendar
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.0261
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Exploit for CVE-2017-8759
calendar
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.8759
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Office Macro File Download
calendar
Apr 18, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
HTML Help HH.EXE Suspicious Child Process
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HH.EXE Execution
calendar
Apr 12, 2023
·
attack.defense_evasion
attack.execution
attack.initial_access
attack.t1047
attack.t1059.001
attack.t1059.003
attack.t1059.005
attack.t1059.007
attack.t1218
attack.t1218.001
attack.t1218.010
attack.t1218.011
attack.t1566
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Arbitrary Shell Command Execution Via Settingcontent-Ms
calendar
Mar 5, 2023
·
attack.t1204
attack.t1566.001
attack.execution
attack.initial_access
·
Share on:
twitter
facebook
linkedin
copy
Execution in Outlook Temp Folder
calendar
Mar 2, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Double Extension File Execution
calendar
Feb 28, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Office Macro File Creation
calendar
Feb 24, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Office Macro File Creation From Suspicious Process
calendar
Feb 24, 2023
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Microsoft OneNote Child Process
calendar
Feb 10, 2023
·
attack.t1566
attack.t1566.001
attack.initial_access
·
Share on:
twitter
facebook
linkedin
copy
Suspicious HWP Sub Processes
calendar
Feb 1, 2023
·
attack.initial_access
attack.t1566.001
attack.execution
attack.t1203
attack.t1059.003
attack.g0032
·
Share on:
twitter
facebook
linkedin
copy
Ursnif Malware C2 URL Pattern
calendar
Jan 31, 2023
·
attack.initial_access
attack.t1566.001
attack.execution
attack.t1204.002
attack.command_and_control
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
ISO Image Mount
calendar
Dec 28, 2022
·
attack.initial_access
attack.t1566.001
·
Share on:
twitter
facebook
linkedin
copy
Potential Initial Access via DLL Search Order Hijacking
calendar
Oct 28, 2022
·
attack.t1566
attack.t1566.001
attack.initial_access
attack.t1574
attack.t1574.001
attack.defense_evasion
·
Share on:
twitter
facebook
linkedin
copy
to-top