File Download From IP Based URL Via CertOC.EXE (b86f6dea-0b2f-41f5-bdcc-a057bd19cd6a)
Detects when a user downloads a file from an IP based URL using CertOC.exe
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | File Download From IP Based URL Via CertOC.EXE (b86f6dea-0b2f-41f5-bdcc-a057bd19cd6a) | Sigma-Rules | 1 |