File Download From Browser Process Via Inline URL (94771a71-ba41-4b6e-a757-b531372eaab6)
Detects execution of a browser process with a URL argument pointing to a file with a potentially interesting extension. This can be abused to download arbitrary files or to hide from the user for example by launching the browser in a minimized state.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
File Download From Browser Process Via Inline URL (94771a71-ba41-4b6e-a757-b531372eaab6) | Sigma-Rules | Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | 1 |