Skip to content

Hide Navigation Hide TOC

HackTool - SharpUp PrivEsc Tool Execution (c484e533-ee16-4a93-b6ac-f0ea4868b2f1)

Detects the use of SharpUp, a tool for local privilege escalation

Cluster A Galaxy A Cluster B Galaxy B Level
Group Policy Discovery - T1615 (1b20efbf-8063-4fc3-a07d-b575318a301b) Attack Pattern HackTool - SharpUp PrivEsc Tool Execution (c484e533-ee16-4a93-b6ac-f0ea4868b2f1) Sigma-Rules 1
HackTool - SharpUp PrivEsc Tool Execution (c484e533-ee16-4a93-b6ac-f0ea4868b2f1) Sigma-Rules Executable Installer File Permissions Weakness - T1574.005 (70d81154-b187-45f9-8ec5-295d01255979) Attack Pattern 1
HackTool - SharpUp PrivEsc Tool Execution (c484e533-ee16-4a93-b6ac-f0ea4868b2f1) Sigma-Rules Service Execution - T1569.002 (f1951e8a-500e-4a26-8803-76d95c4554b4) Attack Pattern 1
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) Attack Pattern Executable Installer File Permissions Weakness - T1574.005 (70d81154-b187-45f9-8ec5-295d01255979) Attack Pattern 2
System Services - T1569 (d157f9d2-d09a-4efa-bb2a-64963f94e253) Attack Pattern Service Execution - T1569.002 (f1951e8a-500e-4a26-8803-76d95c4554b4) Attack Pattern 2