LetsDefend Monitoring Alert

Suspicious Dynamic Resolution Detected

Nov, 15, 2023, 12:30 PM

Event ID: 200

Event Time: Nov, 15, 2023, 12:30 PM

Rule Name: SOC238 - Suspicious Dynamic Resolution Detected

Alert Type: C2

MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell,
T1552.001 - Credential Access - Unsecured Credentials: Credentials In Files,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment,
T1199 - Initial Access - Trusted Relationship,
T1568 - Command and Control - Dynamic Resolution,
T1008 - Command and Control - Fallback Channels

Severity: Medium

Incident Responder
