LetsDefend Monitoring Alert

Suspicious Powershell Script Executed

Jul, 03, 2023, 01:33 AM

Event ID: 163

Event Time: Jul, 03, 2023, 01:33 AM

Rule Name: SOC153 - Suspicious Powershell Script Executed

Alert Type: Malware

MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell,
T1110 - Credential Access - Brute Force,
T1133 - Initial Access - External Remote Services,
T1055 - Privilege Escalation - Process Injection,

Severity: Medium

Incident Responder

2024 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166