LetsDefend Monitoring Alert

Malicious DLL Detected

Feb, 22, 2024, 08:10 AM

Event ID: 230

Event Time: Feb, 22, 2024, 08:10 AM

Rule Name: SOC263 - Malicious DLL Detected

Alert Type: Malware

MITRE Technique:
T1112 - Defense Evasion - Modify Registry,
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell,
T1110 - Credential Access - Brute Force,
T1133 - Initial Access - External Remote Services,
T1136 - Persistence - Create Account,
T1059.003 - Execution - Command and Scripting Interpreter: Windows Command Shell,
T1556.008 - Persistence - Modify Authentication Process: Network Provider DLL,
T1098 - Privilege Escalation - Account Manipulation

Severity: High
