MITRE ATT&CK™ Matrix
ANDRE: a1bab5c7-166a-466d-9226-e37d9eb3c369
These are the tactics and techniques as described by the MITRE ATT&CK™ framework.
Initial Access
Execution
    Command and Scripting Interpreter: PowerShell (15 events)
    Command and Scripting Interpreter: Windows Command Shell (6 events)
    Native API (164 events)
    Unsigned Process (4 events)
    User Execution: Malicious File (1 event)
Persistence
Privilege Escalation
    Process Injection: Portable Executable Injection (1 event)
Defense Evasion
    Indicator Removal on Host: File Deletion (15 events)
    Masquerading (3 events)
    Masquerading: Invalid Code Signature (1 event)
    Modify Registry (9 events)
    Process Injection: Portable Executable Injection (1 event)
    Subvert Trust Controls: Code Signing (161 events)
Credential Access
Discovery
    Application Window Discovery (21 events)
    Process Discovery (31 events)
    Query Registry (493 events)
    System Information Discovery (1 event)
Lateral Movement
Collection
    Archive Collected Data (2 events)
Command and Control
    Commonly Used Port (3 events)
    Encrypted Channel: Asymmetric Cryptography (3 events)
    Non-Standard Port (1 event)
Exfiltration
    Archive Collected Data (2 events)
Impact
    Process Termination (3 events)
Forensics Suspicious Event
Description
Time
No data available in table