LetsDefend Monitoring Alert

System Network Configuration Discovery Detected

May 14, 2024, 08:42 AM

Event ID: 258

Event Time: May 14, 2024, 08:42 AM

Rule Name: SOC281 - System Network Configuration Discovery Detected

Alert Type: Malware

MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell,
T1087 - Discovery - Account Discovery,
T1047 - Execution - Windows Management Instrumentation,
T1204.002 - Execution - User Execution: Malicious File,
T1098 - Persistence - Account Manipulation,
T1566.002 - Initial Access - Phishing: Spearphishing Link,
T1016 - Discovery - System Network Configuration Discovery,
T1059.003 - Execution - Command and Scripting Interpreter: Windows Command Shell,
T1098 - Privilege Escalation - Account Manipulation,
T1197 - Defense Evasion - BITS Jobs

Severity: Low

Incident Responder
