Suspicious Kernel Dump Using Dtrace (7124aebe-4cd7-4ccb-8df0-6d6b93c96795)

Detects suspicious way to dump the kernel on Windows systems using dtrace.exe, which is available on Windows systems since Windows 10 19H1

Rows: 1
Loading extensions...
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.2
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Sigma-Rules		Clear Attack Pattern	Clear 1
Suspicious Kernel Dump Using Dtrace (7124aebe-4cd7-4ccb-8df0-6d6b93c96795)	Sigma-Rules	System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1)	Attack Pattern	1