LetsDefend Monitoring Alert

Suspicious WMI Activity Detected

Apr, 06, 2023, 09:50 AM

Event ID: 133

Event Time: Apr, 06, 2023, 09:50 AM

Rule Name: SOC183 - Suspicious WMI Activity Detected

Alert Type: Malware

MITRE Technique:
T1047 - Execution - Windows Management Instrumentation
T1189 - Initial Access - Drive-by Compromise

Severity: High

Incident Responder

2024 © LetsDefend
