Troubleshooting Pack Cmdlet Execution (03409c93-a7c7-49ba-9a4c-a00badf2a153)
Detects execution of "TroubleshootingPack" cmdlets, which can be used to leverage CVE-2022-30190 or to perform actions similar to the "msdt" LOLBin (as described in LOLBAS).
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Troubleshooting Pack Cmdlet Execution (03409c93-a7c7-49ba-9a4c-a00badf2a153) | Sigma-Rules | Indirect Command Execution - T1202 (3b0e52ce-517a-4614-a523-1bd5deef6c5e) | Attack Pattern | 1 |