Detection Engineering :: Velociraptor - Digging deeper!
Common Information
Type Value
UUID 89d4b295-08c6-4775-bbed-2927816de2ee
Fingerprint a29ce18c11d7ae00
Analysis status DONE
Considered CTI value 2
Text language
Published May 24, 2024, midnight
Added to db Aug. 31, 2024, 2:04 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Detection Engineering
Title Detection Engineering :: Velociraptor - Digging deeper!
Detected Hints/Tags/Attributes 63/1/23
RSS Feed
Id Enabled Feed title Url Added to db
104 Velociraptor Blog https://docs.velociraptor.app/blog/index.xml 2024-08-30 22:08
Attributes
Type #Events CTI Value
Domain 37
googlegroups.com
Domain 35
www.velocidex.com
Email 31
velociraptor-discuss@googlegroups.com
File 23
'.exe
File 155
cscript.exe
File 5
'.vbs
File 2
'psexec.exe
File 2
hevd.sys
File 17
bash.exe
File 240
wmic.exe
File 376
wscript.exe
File 11
c:\windows\system32\winlogon.exe
File 23
c:\windows\system32\services.exe
File 6
c:\windows\system32\wininit.exe
File 9
c:\windows\system32\csrss.exe
File 2
x.reg
Url 28
https://www.velocidex.com/discord