Service Binary in Suspicious Folder (a07f0359-4c90-4dc4-a681-8ffea40b4f47)
Detect the creation of a service with a service binary located in a suspicious directory
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Service Binary in Suspicious Folder (a07f0359-4c90-4dc4-a681-8ffea40b4f47) | Sigma-Rules | Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | 1 |