Skip to content

Hide Navigation Hide TOC

Potential Suspicious Browser Launch From Document Reader Process (1193d960-2369-499f-a158-7b50a31df682)

Detects when a browser process or browser tab is launched from an application that handles document files such as Adobe, Microsoft Office, etc. And connects to a web application over http(s), this could indicate a possible phishing attempt.

Cluster A Galaxy A Cluster B Galaxy B Level
Malicious File - T1204.002 (232b7f21-adf9-4b42-b936-b9d6f7df856e) Attack Pattern Potential Suspicious Browser Launch From Document Reader Process (1193d960-2369-499f-a158-7b50a31df682) Sigma-Rules 1
Malicious File - T1204.002 (232b7f21-adf9-4b42-b936-b9d6f7df856e) Attack Pattern User Execution - T1204 (8c32eb4d-805f-4fc5-bf60-c4d476c131b5) Attack Pattern 2