Microsoft Sysmon now logs data copied to the Windows Clipboard
Tags
attack-pattern: Data Direct Clipboard Data - T1414 Powershell - T1059.001 Tool - T1588.002 Clipboard Data - T1115 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 99c62f90-f5c6-4894-802b-f0e010012013
Fingerprint 3785277f23e713f0
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 19, 2020, midnight
Added to db Jan. 18, 2023, 10:50 p.m.
Last updated Nov. 15, 2024, 1:55 p.m.
Headline Microsoft Sysmon now logs data copied to the Windows Clipboard
Title Microsoft Sysmon now logs data copied to the Windows Clipboard
Detected Hints/Tags/Attributes 23/1/8
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/microsoft/microsoft-sysmon-now-logs-data-copied-to-the-windows-clipboard/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
Attributes
Details Type #Events CTI Value
Details Domain 11 
live.sysinternals.com
Details File 12 
live.sys
Details File 25 
sysmon.exe
Details File 1 
sysmon.cfg
Details File 122 
psexec.exe
Details File 380 
notepad.exe
Details sha1 1 
cc849193d18ff95761cd8a702b66857f329be85b
Details Url 2 
https://live.sysinternals.com/sysmon.exe