Detected Windows Software Discovery - PowerShell (2650dd1a-eb2a-412d-ac36-83f06c4f2282)
Adversaries may attempt to enumerate software for a variety of reasons, such as figuring out what security measures are present or if the compromised system has a version of software that is vulnerable.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Software Discovery - T1518 (e3b6daca-e963-4a69-aee6-ed4fd653ad58) | Attack Pattern | Detected Windows Software Discovery - PowerShell (2650dd1a-eb2a-412d-ac36-83f06c4f2282) | Sigma-Rules | 1 |