Skip to content

Hide Navigation Hide TOC

Suspicious Run Key from Download (9c5037d1-c568-49b3-88c7-9846a5bdc2be)

Detects the suspicious RUN keys created by software located in Download or temporary Outlook/Internet Explorer directories

Cluster A Galaxy A Cluster B Galaxy B Level
Suspicious Run Key from Download (9c5037d1-c568-49b3-88c7-9846a5bdc2be) Sigma-Rules Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) Attack Pattern 1
Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) Attack Pattern Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) Attack Pattern 2