Skip to content

Hide Navigation Hide TOC

History File Deletion (1182f3b3-e716-4efa-99ab-d2685d04360f)

Detects events in which a history file gets deleted, e.g. the ~/bash_history to remove traces of malicious activity

Cluster A Galaxy A Cluster B Galaxy B Level
History File Deletion (1182f3b3-e716-4efa-99ab-d2685d04360f) Sigma-Rules Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern 1
Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern 2