LetsDefend Monitoring Alert
ZBot Application Detected
Oct, 29, 2021, 05:20 PM
Event ID: 110
Event Time: Oct, 29, 2021, 05:20 PM
Rule Name: SOC160 - ZBot Application Detected
Alert Type: Malware
MITRE Technique:
T1598.003 - Reconnaissance - Spearphishing Link,
T1566 - Initial Access - Phishing,
T1204 - Execution - User Execution,
T1078 - Persistence - Valid Accounts,
T1078 - Privilege Escalation - Valid Accounts
Severity: High
Incident Responder