Skip to content

Hide Navigation Hide TOC

Response File Execution Via Odbcconf.EXE (5f03babb-12db-4eec-8c82-7b4cb5580868)

Detects execution of "odbcconf" with the "-f" flag in order to load a response file which might contain a malicious action.

Cluster A Galaxy A Cluster B Galaxy B Level
Response File Execution Via Odbcconf.EXE (5f03babb-12db-4eec-8c82-7b4cb5580868) Sigma-Rules Odbcconf - T1218.008 (6e3bd510-6b33-41a4-af80-2d80f3ee0071) Attack Pattern 1
Odbcconf - T1218.008 (6e3bd510-6b33-41a4-af80-2d80f3ee0071) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2