Potential Amazon SSM Agent Hijacking (d20ee2f4-822c-4827-9e15-41500b1fff10)

Detects potential Amazon SSM agent hijack attempts as outlined in the Mitiga research report.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Remote Desktop Software - T1219.002 (d4287702-e2f7-4946-bdfa-2c7f5aaa5032)	Attack Pattern	Potential Amazon SSM Agent Hijacking (d20ee2f4-822c-4827-9e15-41500b1fff10)	Sigma-Rules	1
Remote Desktop Software - T1219.002 (d4287702-e2f7-4946-bdfa-2c7f5aaa5032)	Attack Pattern	Remote Access Tools - T1219 (4061e78c-1284-44b4-9116-73e4ac3912f7)	Attack Pattern	2