Skip to content

Hide Navigation Hide TOC

Unix Shell Configuration Modification (a94cdd87-6c54-4678-a6cc-2814ffe5a13d)

Detect unix shell configuration modification. Adversaries may establish persistence through executing malicious commands triggered when a new shell is opened.

Cluster A Galaxy A Cluster B Galaxy B Level
Unix Shell Configuration Modification - T1546.004 (b63a34e8-0a61-4c97-a23b-bf8a2ed812e2) Attack Pattern Unix Shell Configuration Modification (a94cdd87-6c54-4678-a6cc-2814ffe5a13d) Sigma-Rules 1
Unix Shell Configuration Modification - T1546.004 (b63a34e8-0a61-4c97-a23b-bf8a2ed812e2) Attack Pattern Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) Attack Pattern 2