by pmcpherson | Nov 12, 2021
UNC2452 PowerShell Pattern b7155193-8a81-4d8f-805d-88de864ca50c
by pmcpherson | Nov 12, 2021
DNSCat2 Powershell Implementation Detection Via Process Creation b11d75d6-d7c1-11ea-87d0-0242ac130003
by pmcpherson | Nov 4, 2021
Exfiltration and Tunneling Tools Execution c75309a3-59f8-4a8d-9c2c-4c927ad50555
by pmcpherson | Nov 4, 2021
Windows Processes Suspicious Parent Directory 96036718-71cc-4027-a538-d1587e0006a7
by pmcpherson | Oct 25, 2021
File Created with System Process Name d5866ddf-ce8f-4aea-b28e-d96485a20d3d
