Antivirus Ransomware Detection (4c6ca276-d4d0-4a8c-9e4c-d69832f8671f)
Detects a highly relevant Antivirus alert that reports ransomware. This event must not be ignored just because the AV has blocked the malware but investigate, how it came there in the first place.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Antivirus Ransomware Detection (4c6ca276-d4d0-4a8c-9e4c-d69832f8671f) | Sigma-Rules | Data Encrypted for Impact - T1486 (b80d107d-fa0d-4b60-9684-b0433e8bdba0) | Attack Pattern | 1 |