Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location (cc368ed0-2411-45dc-a222-510ace303cb2)

Detects potentially suspicious execution of the Regasm/Regsvcs utilities from a potentially suspicious location

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Regsvcs/Regasm - T1218.009 (c48a67ee-b657-45c1-91bf-6cdbe27205f8)	Attack Pattern	Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location (cc368ed0-2411-45dc-a222-510ace303cb2)	Sigma-Rules	1
Regsvcs/Regasm - T1218.009 (c48a67ee-b657-45c1-91bf-6cdbe27205f8)	Attack Pattern	System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4)	Attack Pattern	2