Custom Class Execution via Xwizard (53d4bb30-3f36-4e8a-b078-69d36c4a79ff)
Detects the execution of Xwizard tool with specific arguments which utilized to run custom class properties.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) | Attack Pattern | Custom Class Execution via Xwizard (53d4bb30-3f36-4e8a-b078-69d36c4a79ff) | Sigma-Rules | 1 |