Suspicious WMI Activity

LetsDefend Monitoring Alert

Mar, 15, 2021, 10:57 PM

Event ID: 81

Event Time: Mar, 15, 2021, 10:57 PM

Rule Name: SOC134 - Suspicious WMI Activity

Alert Type: Malware

MITRE Technique:

T1598.001 - Reconnaissance - Spearphishing Service,

Severity: High

Security Analyst

45305 Catalina ct. Suite 150, Sterling VA 20166