Tap Driver Installation - Security (9c8afa4d-0022-48f0-9456-3712466f9701)
Detects the installation of a well-known TAP driver service. This could be a sign of potential preparation for data exfiltration using tunnelling techniques.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Tap Driver Installation - Security (9c8afa4d-0022-48f0-9456-3712466f9701) | Sigma-Rules | Exfiltration Over Alternative Protocol - T1048 (a19e86f8-1c0a-4fea-8407-23b73d615776) | Attack Pattern | 1 |