Adaptive Threat Hunting | Adopting a Multi-Directional Approach
Tags
cmtmf-attack-pattern: Code Injection
attack-pattern: Data Datasets Models Artificial Intelligence - T1588.007 Cloud Services - T1021.007 Code Injection - T1540 Credentials - T1589.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Automated Collection - T1119 Powershell - T1086 Remote Access Tools - T1219 Automated Collection
Show in Graph
Common Information
Type Value
UUID 35ca9a15-90e3-431a-b2f9-96fc6aaf3c08
Fingerprint 35fad984a5b78f8d
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 2, 2024, midnight
Added to db Oct. 2, 2024, 3:55 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Adaptive Threat Hunting | Adopting a Multi-Directional Approach
Title Adaptive Threat Hunting | Adopting a Multi-Directional Approach
Detected Hints/Tags/Attributes 79/2/8
Source URLs
Redirection Url
Details Source https://www.sentinelone.com/blog/adaptive-threat-hunting-adopting-a-multi-directional-approach/
URL Provider
Details Provider Source level domain
Details sentinelone.com www.sentinelone.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 234 SentinelOne https://sentinelone.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 39 
xxx.xxx.xxx.xxx
Details File 1 
c:\program files\remoteaccesstool\remote.exe
Details File 4 
remote.exe
Details File 409 
c:\windows\system32\cmd.exe
Details File 2125 
cmd.exe
Details File 1 
deploy-vm.ps1
Details IPv4 4 
10.20.30.40
Details IPv4 1 
192.0.2.25