Renamed PAExec Execution (c4e49831-1496-40cf-8ce1-b53f942b02f9)
Detects execution of renamed version of PAExec. Often used by attackers
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Indirect Command Execution - T1202 (3b0e52ce-517a-4614-a523-1bd5deef6c5e) | Attack Pattern | Renamed PAExec Execution (c4e49831-1496-40cf-8ce1-b53f942b02f9) | Sigma-Rules | 1 |