File Download with Headless Browser (0e8cfe08-02c9-4815-a2f8-0d157b7ed33e)

Detects execution of chromium based browser in headless mode using the "dump-dom" command line to download files

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0)	Attack Pattern	File Download with Headless Browser (0e8cfe08-02c9-4815-a2f8-0d157b7ed33e)	Sigma-Rules	1
File Download with Headless Browser (0e8cfe08-02c9-4815-a2f8-0d157b7ed33e)	Sigma-Rules	Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add)	Attack Pattern	1
Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0)	Attack Pattern	Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8)	Attack Pattern	2