Scheduled Cron Task/Job - MacOs (7c3b43d8-d794-47d2-800a-d277715aa460)

Detects abuse of the cron utility to perform task scheduling for initial or recurring execution of malicious code. Detection will focus on crontab jobs uploaded from the tmp folder.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Cron - T1053.003 (2acf44aa-542f-4366-b4eb-55ef5747759c)	Attack Pattern	Scheduled Cron Task/Job - MacOs (7c3b43d8-d794-47d2-800a-d277715aa460)	Sigma-Rules	1
Cron - T1053.003 (2acf44aa-542f-4366-b4eb-55ef5747759c)	Attack Pattern	Scheduled Task/Job - T1053 (35dd844a-b219-4e2b-a6bb-efa9a75995a9)	Attack Pattern	2