Suspicious Windows Update Agent Empty Cmdline (52d097e2-063e-4c9c-8fbb-855c8948d135)
Detects suspicious Windows Update Agent activity in which a wuauclt.exe process command line doesn't contain any command line flags
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Suspicious Windows Update Agent Empty Cmdline (52d097e2-063e-4c9c-8fbb-855c8948d135) | Sigma-Rules | Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) | Attack Pattern | 1 |