Antivirus Relevant File Paths Alerts (c9a88268-0047-4824-ba6e-4d81ce0b907c)
Detects an Antivirus alert in a highly relevant file path or with a relevant file name. This event must not be ignored just because the AV has blocked the malware; investigate how it got there in the first place.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Obtain Capabilities - T1588 (ce0687a0-e692-4b77-964a-0784a8e54ff1) | Attack Pattern | Antivirus Relevant File Paths Alerts (c9a88268-0047-4824-ba6e-4d81ce0b907c) | Sigma-Rules | 1 |