Hide Navigation Hide TOC

Suspicious External WebDAV Execution (1ae64f96-72b6-48b3-ad3d-e71dff6c6398)

Detects executables launched from external WebDAV shares using the WebDAV Explorer integration, commonly seen in initial access campaigns.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Compromise Infrastructure - T1584 (7e3beebd-8bfe-4e7b-a892-e44ab06a75f9)	Attack Pattern	Suspicious External WebDAV Execution (1ae64f96-72b6-48b3-ad3d-e71dff6c6398)	Sigma-Rules	1
Suspicious External WebDAV Execution (1ae64f96-72b6-48b3-ad3d-e71dff6c6398)	Sigma-Rules	Phishing - T1566 (a62a8db3-f23a-4d8f-afd6-9dbc77e7813b)	Attack Pattern	1