Skip to content

Hide Navigation Hide TOC

Potential Privilege Escalation To LOCAL SYSTEM (207b0396-3689-42d9-8399-4222658efc99)

Detects unknown program using commandline flags usually used by tools such as PsExec and PAExec to start programs with SYSTEM Privileges

Cluster A Galaxy A Cluster B Galaxy B Level
Potential Privilege Escalation To LOCAL SYSTEM (207b0396-3689-42d9-8399-4222658efc99) Sigma-Rules Malware - T1587.001 (212306d8-efa4-44c9-8c2d-ed3d2e224aa0) Attack Pattern 1
Develop Capabilities - T1587 (edadea33-549c-4ed1-9783-8f5a5853cbdf) Attack Pattern Malware - T1587.001 (212306d8-efa4-44c9-8c2d-ed3d2e224aa0) Attack Pattern 2