Skip to content

Hide Navigation Hide TOC

Office Macro File Download (0e29e3a7-1ad8-40aa-b691-9f82ecd33d66)

Detects the creation of a new office macro files on the system via an application (browser, mail client). This can help identify potential malicious activity, such as the download of macro-enabled documents that could be used for exploitation.

Cluster A Galaxy A Cluster B Galaxy B Level
Office Macro File Download (0e29e3a7-1ad8-40aa-b691-9f82ecd33d66) Sigma-Rules Spearphishing Attachment - T1566.001 (2e34237d-8574-43f6-aace-ae2915de8597) Attack Pattern 1
Spearphishing Attachment - T1566.001 (2e34237d-8574-43f6-aace-ae2915de8597) Attack Pattern Phishing - T1566 (a62a8db3-f23a-4d8f-afd6-9dbc77e7813b) Attack Pattern 2