Skip to content

Hide Navigation Hide TOC

Potential WinAPI Calls Via PowerShell Scripts (03d83090-8cba-44a0-b02f-0b756a050306)

Detects use of WinAPI functions in PowerShell scripts

Cluster A Galaxy A Cluster B Galaxy B Level
Native API - T1106 (391d824f-0ef1-47a0-b0ee-c59a75e27670) Attack Pattern Potential WinAPI Calls Via PowerShell Scripts (03d83090-8cba-44a0-b02f-0b756a050306) Sigma-Rules 1
PowerShell - T1059.001 (970a3432-3237-47ad-bcca-7d8cbb217736) Attack Pattern Potential WinAPI Calls Via PowerShell Scripts (03d83090-8cba-44a0-b02f-0b756a050306) Sigma-Rules 1
PowerShell - T1059.001 (970a3432-3237-47ad-bcca-7d8cbb217736) Attack Pattern Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) Attack Pattern 2