open-menu
closeme
Potential CobaltStrike Service Installations - Registry
calendar
Mar 26, 2024
·
attack.execution
attack.privilege_escalation
attack.lateral_movement
attack.t1021.002
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Service Control Manager Spawning Command Shell with Suspect Strings
calendar
Mar 26, 2024
·
attack.execution
attack.t1059
attack.t1059.003
attack.t1569
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
SMBexec.py Execution
calendar
Mar 26, 2024
·
attack.s0357
attack.execution
attack.t1569
attack.t1569.002
attack.lateral_movement
attack.t1021
attack.t1021.003
·
Share on:
twitter
facebook
linkedin
copy
Disable Windows Defender via Service
calendar
Feb 26, 2024
·
attack.execution
attack.t1569.002
attack.t1562.001
dist.public
·
Share on:
twitter
facebook
linkedin
copy
HackTool - SharpUp PrivEsc Tool Execution
calendar
Jan 1, 2024
·
attack.privilege_escalation
attack.t1615
attack.t1569.002
attack.t1574.005
·
Share on:
twitter
facebook
linkedin
copy
PUA - CsExec Execution
calendar
Jan 1, 2024
·
attack.resource_development
attack.t1587.001
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PUA - NirCmd Execution
calendar
Jan 1, 2024
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
PUA - NSudo Execution
calendar
Jan 1, 2024
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
ProcessHacker Privilege Elevation
calendar
Dec 21, 2023
·
attack.execution
attack.privilege_escalation
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PSExec and WMI Process Creations Block
calendar
Dec 21, 2023
·
attack.execution
attack.lateral_movement
attack.t1047
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PUA - CSExec Default Named Pipe
calendar
Dec 21, 2023
·
attack.lateral_movement
attack.t1021.002
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PUA - PAExec Default Named Pipe
calendar
Dec 21, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PUA - RemCom Default Named Pipe
calendar
Dec 21, 2023
·
attack.lateral_movement
attack.t1021.002
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Remote Access Tool Services Have Been Installed - Security
calendar
Dec 21, 2023
·
attack.persistence
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Potential CVE-2022-26809 Exploitation Attempt
calendar
Dec 1, 2023
·
attack.initial_access
attack.t1190
attack.execution
attack.t1569.002
cve.2022.26809
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
smbexec.py Service Installation
calendar
Nov 10, 2023
·
attack.lateral_movement
attack.execution
attack.t1021.002
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Start Windows Service Via Net.EXE
calendar
Oct 18, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Credential Dumping Tools Service Execution - System
calendar
Oct 17, 2023
·
attack.credential_access
attack.execution
attack.t1003.001
attack.t1003.002
attack.t1003.004
attack.t1003.005
attack.t1003.006
attack.t1569.002
attack.s0005
·
Share on:
twitter
facebook
linkedin
copy
DNS Events Related To Mining Pools
calendar
Oct 17, 2023
·
attack.execution
attack.t1569.002
attack.impact
attack.t1496
·
Share on:
twitter
facebook
linkedin
copy
Metasploit Or Impacket Service Installation Via SMB PsExec
calendar
Oct 17, 2023
·
attack.lateral_movement
attack.t1021.002
attack.t1570
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PAExec Service Installation
calendar
Oct 17, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Sliver C2 Default Service Installation
calendar
Oct 17, 2023
·
attack.execution
attack.privilege_escalation
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PsExec Tool Execution From Suspicious Locations - PipeName
calendar
Oct 4, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
PowerShell as a Service in Registry
calendar
Aug 17, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
CSExec Service Installation
calendar
Aug 10, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
RemCom Service File Creation
calendar
Aug 10, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
PsExec Service Installation
calendar
Aug 8, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
RemCom Service Installation
calendar
Aug 8, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Credential Dumping Tools Service Execution - Security
calendar
Aug 7, 2023
·
attack.credential_access
attack.execution
attack.t1003.001
attack.t1003.002
attack.t1003.004
attack.t1003.005
attack.t1003.006
attack.t1569.002
attack.s0005
·
Share on:
twitter
facebook
linkedin
copy
CSExec Service File Creation
calendar
Aug 7, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
HackTool Service Registration or Execution
calendar
Aug 7, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
PsExec Service File Creation
calendar
Aug 7, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
Remote Server Service Abuse for Lateral Movement
calendar
Jun 22, 2023
·
attack.lateral_movement
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Remote Access Tool Services Have Been Installed - System
calendar
Jun 21, 2023
·
attack.persistence
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
DNS RCE CVE-2020-1350
calendar
Jun 20, 2023
·
attack.initial_access
attack.t1190
attack.execution
attack.t1569.002
cve.2020.1350
detection.emerging_threats
·
Share on:
twitter
facebook
linkedin
copy
Malicious Service Installations
calendar
Apr 21, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1003
attack.t1035
attack.t1050
car.2013-09-005
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Metasploit Or Impacket Service Installation Via SMB PsExec
calendar
Apr 21, 2023
·
attack.lateral_movement
attack.t1021.002
attack.t1570
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Impacket Pipe Creation - Psexec
calendar
Apr 16, 2023
·
attack.s0357
attack.execution
attack.t1569
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Impacket PSExec Temp Executable File Creation
calendar
Apr 16, 2023
·
attack.s0357
attack.execution
attack.t1569
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
CobaltStrike Service Installations - System
calendar
Apr 14, 2023
·
attack.execution
attack.privilege_escalation
attack.lateral_movement
attack.t1021.002
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PowerShell Scripts Installed as Services
calendar
Apr 14, 2023
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Rundll32 Execution Without Parameters
calendar
Mar 16, 2023
·
attack.lateral_movement
attack.t1021.002
attack.t1570
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PUA - RunXCmd Execution
calendar
Feb 14, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
PUA - NirCmd Execution As LOCAL SYSTEM
calendar
Feb 13, 2023
·
attack.execution
attack.t1569.002
attack.s0029
·
Share on:
twitter
facebook
linkedin
copy
CobaltStrike Service Installations - Security
calendar
Feb 1, 2023
·
attack.execution
attack.privilege_escalation
attack.lateral_movement
attack.t1021.002
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
Malicious Service Installations
calendar
Feb 1, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1003
car.2013-09-005
attack.t1543.003
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
PowerShell Scripts Installed as Services - Security
calendar
Nov 30, 2022
·
attack.execution
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
MITRE BZAR Indicators for Execution
calendar
Oct 25, 2022
·
attack.execution
attack.t1047
attack.t1053.002
attack.t1569.002
·
Share on:
twitter
facebook
linkedin
copy
to-top