LetsDefend Monitoring Alert
Suspicious Powershell Script Executed
Jul, 03, 2023, 01:33 AM
Event ID: 163
Event Time: Jul, 03, 2023, 01:33 AM
Rule Name: SOC153 - Suspicious Powershell Script Executed
Alert Type: Malware
MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell
T1110 - Credential Access - Brute Force
T1133 - Initial Access - External Remote Services
T1055 - Privilege Escalation - Process Injection
Severity: Medium
Incident Responder