Skip to content

Hide Navigation Hide TOC

PsExec/PAExec Escalation to LOCAL SYSTEM (8834e2f7-6b4b-4f09-8906-d2276470ee23)

Detects suspicious commandline flags used by PsExec and PAExec to escalate a command line to LOCAL_SYSTEM rights

Cluster A Galaxy A Cluster B Galaxy B Level
PsExec/PAExec Escalation to LOCAL SYSTEM (8834e2f7-6b4b-4f09-8906-d2276470ee23) Sigma-Rules Malware - T1587.001 (212306d8-efa4-44c9-8c2d-ed3d2e224aa0) Attack Pattern 1
Malware - T1587.001 (212306d8-efa4-44c9-8c2d-ed3d2e224aa0) Attack Pattern Develop Capabilities - T1587 (edadea33-549c-4ed1-9783-8f5a5853cbdf) Attack Pattern 2