Suspicious Certreq Command to Download (4480827a-9799-4232-b2c4-ccc6c4e9e12b)
Detects a suspicious certreq execution taken from the LOLBAS examples; certreq can be abused to download (small) files.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Suspicious Certreq Command to Download (4480827a-9799-4232-b2c4-ccc6c4e9e12b) | Sigma-Rules | Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | 1 |