Persistence Via Sudoers Files (ddb26b76-4447-4807-871f-1b035b2bfa5d)

Detects creation of a sudoers file or of files in the "sudoers.d" directory, which can be used as a potential method to persist privileges for a specific user.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Cron - T1053.003 (2acf44aa-542f-4366-b4eb-55ef5747759c) | Attack Pattern | Persistence Via Sudoers Files (ddb26b76-4447-4807-871f-1b035b2bfa5d) | Sigma-Rules | 1 |
| Cron - T1053.003 (2acf44aa-542f-4366-b4eb-55ef5747759c) | Attack Pattern | Scheduled Task/Job - T1053 (35dd844a-b219-4e2b-a6bb-efa9a75995a9) | Attack Pattern | 2 |