Skip to content

Hide Navigation Hide TOC

PUA - Seatbelt Execution (38646daa-e78f-4ace-9de0-55547b2d30da)

Detects the execution of the PUA/Recon tool Seatbelt via PE information of command line parameters

Cluster A Galaxy A Cluster B Galaxy B Level
PUA - Seatbelt Execution (38646daa-e78f-4ace-9de0-55547b2d30da) Sigma-Rules File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) Attack Pattern 1
PUA - Seatbelt Execution (38646daa-e78f-4ace-9de0-55547b2d30da) Sigma-Rules Account Discovery - T1087 (72b74d71-8169-42aa-92e0-e7b04b9f5a08) Attack Pattern 1
PUA - Seatbelt Execution (38646daa-e78f-4ace-9de0-55547b2d30da) Sigma-Rules Cloud Service Discovery - T1526 (e24fcba8-2557-4442-a139-1ee2f2e784db) Attack Pattern 1