Suspicious Executable File Creation (74babdd6-a758-4549-9632-26535279e654)
Detect creation of suspicious executable file names. Some strings look for suspicious file extensions, others look for filenames that exploit unquoted service paths.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Suspicious Executable File Creation (74babdd6-a758-4549-9632-26535279e654) | Sigma-Rules | Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) | Attack Pattern | 1 |