HackTool - PowerTool Execution (a34f79a3-8e5f-4cc3-b765-de00695452c2)

Detects the execution of the tool PowerTool, which has the ability to kill a process, delete its process file, unload drivers, and delete the driver files.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| HackTool - PowerTool Execution (a34f79a3-8e5f-4cc3-b765-de00695452c2) | Sigma-Rules | Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) | Attack Pattern | 1 |
| Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) | Attack Pattern | Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) | Attack Pattern | 2 |