Password Protected Compressed File Extraction Via 7Zip (b717b8fd-6467-4d7d-b3d3-27f9a463af77)

Detects usage of 7zip utilities (7z.exe, 7za.exe and 7zr.exe) to extract password protected zip files.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Archive via Utility - T1560.001 (00f90846-cbd1-4fc5-9233-df5c2bf2a662) | Attack Pattern | Password Protected Compressed File Extraction Via 7Zip (b717b8fd-6467-4d7d-b3d3-27f9a463af77) | Sigma-Rules | 1 |
| Archive via Utility - T1560.001 (00f90846-cbd1-4fc5-9233-df5c2bf2a662) | Attack Pattern | Archive Collected Data - T1560 (53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a) | Attack Pattern | 2 |