Writing Of Malicious Files To The Fonts Folder (ae9b0bd7-8888-4606-b444-0ed7410cb728)

Monitors for the hiding possible malicious files in the C:\Windows\Fonts\ location. This folder doesn't require admin privillege to be written and executed from.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Exploitation for Defense Evasion - T1211 (fe926152-f431-4baf-956c-4ad3cb0bf23b)	Attack Pattern	Writing Of Malicious Files To The Fonts Folder (ae9b0bd7-8888-4606-b444-0ed7410cb728)	Sigma-Rules	1
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	Writing Of Malicious Files To The Fonts Folder (ae9b0bd7-8888-4606-b444-0ed7410cb728)	Sigma-Rules	1