Procedure for Detecting Malicious Activity Using System Administration Tools (Living off the Land)
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID c08871cb-ae04-4383-b9ba-d2b4817f859a
Fingerprint a550a956b3a5ff4f
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 7, 2024, 11:28 a.m.
Added to db Nov. 7, 2024, 12:55 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Procedure for Detecting Malicious Activity Using System Administration Tools (Living off the Land)
Title Procedure for Detecting Malicious Activity Using System Administration Tools (Living off the Land)
Detected Hints/Tags/Attributes 47/2/4
Source URLs
Redirection Url
Details Source https://medium.com/@esilvalabh/procedure-for-detecting-malicious-activity-using-system-administration-tools-living-off-the-land-7fd043299be2?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 249 
schtasks.exe
Details File 76 
netsh.exe
Details File 226 
certutil.exe
Details File 1208 
powershell.exe