PUA - Sysinternal Tool Execution - Registry (25ffa65d-76d8-4da5-a832-3f2b0136e133)

Detects the execution of a Sysinternals Tool via the creation of the "accepteula" registry key

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Tool - T1588.002 (a2fdce72-04b2-409a-ac10-cc1695f4fce0) | Attack Pattern | PUA - Sysinternal Tool Execution - Registry (25ffa65d-76d8-4da5-a832-3f2b0136e133) | Sigma-Rules | 1 |
| Tool - T1588.002 (a2fdce72-04b2-409a-ac10-cc1695f4fce0) | Attack Pattern | Obtain Capabilities - T1588 (ce0687a0-e692-4b77-964a-0784a8e54ff1) | Attack Pattern | 2 |