Executable from Webdav (aac2fd97-bcba-491b-ad66-a6edf89c71bf)
Detects executable access via webdav6. Can be seen in APT 29 such as from the emulated APT 29 hackathon https://github.com/OTRF/detection-hackathon-apt29/
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Executable from Webdav (aac2fd97-bcba-491b-ad66-a6edf89c71bf) | Sigma-Rules | Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | 1 |