Antivirus Exploitation Framework Detection (238527ad-3c2c-4e4f-a1f6-92fd63adb864)

Detects a highly relevant antivirus alert that reports an exploitation framework. This event must not be ignored just because the AV has blocked the malware; investigate how it got there in the first place.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Exploitation for Client Execution - T1203 (be2dcee9-a7a7-4e38-afd6-21b31ecc3d63) | Attack Pattern | Antivirus Exploitation Framework Detection (238527ad-3c2c-4e4f-a1f6-92fd63adb864) | Sigma-Rules | 1 |
| Antivirus Exploitation Framework Detection (238527ad-3c2c-4e4f-a1f6-92fd63adb864) | Sigma-Rules | Remote Access Software - T1219 (4061e78c-1284-44b4-9116-73e4ac3912f7) | Attack Pattern | 1 |