Windows Binaries Write Suspicious Extensions (b8fd0e93-ff58-4cbd-8f48-1c114e342e62)
Detects Windows executables that write files with suspicious extensions
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) | Attack Pattern | Windows Binaries Write Suspicious Extensions (b8fd0e93-ff58-4cbd-8f48-1c114e342e62) | Sigma-Rules | 1 |