<<< Hide Navigation Hide TOC >>>
File Download via CertOC.EXE (70ad0861-d1fe-491c-a45f-fa48148a300d)
Detects when a user downloads a file by using CertOC.exe
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
File Download via CertOC.EXE (70ad0861-d1fe-491c-a45f-fa48148a300d) | Sigma-Rules | Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | 1 |