LetsDefend Monitoring Alert

Compromised Software Binary Detected

May, 16, 2024, 01:24 AM

Event ID: 259

Event Time: May, 16, 2024, 01:24 AM

Rule Name: SOC283 - Compromised Software Binary Detected

Alert Type: Malware

MITRE Technique:
T1566 - Initial Access - Phishing
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell
T1204 - Execution - User Execution
T1003 - Credential Access - OS Credential Dumping
T1554 - Persistence - Compromise Host Software Binary

Severity: High

Incident Responder
