Shell Execution via Flock - Linux (4b09c71e-4269-4111-9cdd-107d8867f0cc)
Detects the use of the "flock" command to execute a shell. Such behavior may be associated with privilege escalation, unauthorized command execution, or to break out from restricted environments.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) | Attack Pattern | Shell Execution via Flock - Linux (4b09c71e-4269-4111-9cdd-107d8867f0cc) | Sigma-Rules | 1 |