LetsDefend Monitoring Alert
Network Connection Detected from Unauthorized Port
Aug, 02, 2023, 02:11 PM
Event ID: 173
Event Time: Aug, 02, 2023, 02:11 PM
Rule Name: SOC208 - Network Connection Detected from Unauthorized Port
Alert Type: Malware
MITRE Technique:
T1053.005 - Persistence - Scheduled Task,
T1071 - Command and Control - Application Layer Protocol,
T1547 - Persistence - Boot or Logon Autostart Execution,
T1189 - Initial Access - Drive-by Compromise,
T1571 - Command and Control - Non-Standard Port,
T1537 - Privilege Escalation - Boot or Logon Autostart Execution
Severity: High
Incident Responder