LetsDefend Monitoring Alert
Malicious Remote Access Software Detected
Aug, 14, 2023, 08:32 AM
Event ID: 179
Event Time: Aug, 14, 2023, 08:32 AM
Rule Name: SOC108 - Malicious Remote Access Software Detected
Alert Type: Malware
MITRE Technique:
T1204.002 - Execution - User Execution: Malicious File
T1566.002 - Initial Access - Phishing: Spearphishing Link
T1219 - Command and Control - Remote Access Software
Severity: High
Incident Responder