Suspicious Chromium Browser Instance Executed With Custom Extension (27ba3207-dd30-4812-abbf-5d20c57d474e)
Detects a suspicious process spawning a Chromium based browser process with the 'load-extension' flag to start an instance with a custom extension
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Suspicious Chromium Browser Instance Executed With Custom Extension (27ba3207-dd30-4812-abbf-5d20c57d474e) | Sigma-Rules | Browser Extensions - T1176 (389735f1-f21c-4208-b8f0-f8031e7169b8) | Attack Pattern | 1 |