LetsDefend Monitoring Alert
Possible WinRAR Zero-Day Activity
Aug, 31, 2023, 01:37 PM
Event ID: 181
Event Time: Aug, 31, 2023, 01:37 PM
Rule Name: SOC221 - Possible WinRAR Zero-Day Activity
Alert Type: Malware
MITRE Technique:
T1203 - Execution - Exploitation for Client Execution
T1204.002 - Execution - User Execution: Malicious File
T1566.001 - Initial Access - Phishing: Spearphishing Attachment
Severity: Critical
Incident Responder