<<< Hide Navigation Hide TOC >>>

New Kernel Driver Via SC.EXE (431a1fdb-4799-4f3b-91c3-a683b003fc49)

Detects creation of a new service (kernel driver) with the type "kernel"

Rows: 2

Loading extensions...

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

---

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Close

?

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Attack Pattern Sigma-Rules		Clear Attack Pattern	Clear 1 2
New Kernel Driver Via SC.EXE (431a1fdb-4799-4f3b-91c3-a683b003fc49)	Sigma-Rules	Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32)	Attack Pattern	1
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32)	Attack Pattern	Create or Modify System Process - T1543 (106c0cf6-bf73-4601-9aa8-0945c2715ec5)	Attack Pattern	2