Skip to content

Hide Navigation Hide TOC

Access To Potentially Sensitive Sysvol Files By Uncommon Applications (d51694fe-484a-46ac-92d6-969e76d60d10)

Detects file access requests to potentially sensitive files hosted on the Windows Sysvol share.

Cluster A Galaxy A Cluster B Galaxy B Level
Access To Potentially Sensitive Sysvol Files By Uncommon Applications (d51694fe-484a-46ac-92d6-969e76d60d10) Sigma-Rules Group Policy Preferences - T1552.006 (8d7bd4f5-3a89-4453-9c82-2c8894d5655e) Attack Pattern 1
Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) Attack Pattern Group Policy Preferences - T1552.006 (8d7bd4f5-3a89-4453-9c82-2c8894d5655e) Attack Pattern 2