Access of Sudoers File Content (0f79c4d2-4e1f-4683-9c36-b5469a665e06)

Detects the execution of a text-based file access or inspection utilities to read the content of /etc/sudoers in order to potentially list all users that have sudo rights.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Access of Sudoers File Content (0f79c4d2-4e1f-4683-9c36-b5469a665e06)	Sigma-Rules	Client Configurations - T1592.004 (774ad5bb-2366-4c13-a8a9-65e50b292e7c)	Attack Pattern	1
Gather Victim Host Information - T1592 (09312b1a-c3c6-4b45-9844-3ccc78e5d82f)	Attack Pattern	Client Configurations - T1592.004 (774ad5bb-2366-4c13-a8a9-65e50b292e7c)	Attack Pattern	2