LetsDefend Monitoring Alert

Network Connection Detected from Unauthorized Port

Aug, 08, 2023, 11:59 AM

Event ID: 176

Event Time: Aug, 08, 2023, 11:59 AM

Rule Name: SOC208 - Network Connection Detected from Unauthorized Port

Alert Type: Malware

MITRE Technique:
T1053.005 - Persistence - Scheduled Task,
T1059 - Execution - Command and Scripting Interpreter,
T1071 - Command and Control - Application Layer Protocol,
T1105 - Command and Control - Ingress Tool Transfer,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment,
T1571 - Command and Control - Non-Standard Port

Severity: High

Incident Responder
