Microsoft Binary Suspicious Communication Endpoint (e0f8ab85-0ac9-423b-a73a-81b3c7b1aa97)

Detects executables located in potentially suspicious directories initiating network connections towards file sharing domains.

Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Microsoft Binary Suspicious Communication Endpoint (e0f8ab85-0ac9-423b-a73a-81b3c7b1aa97) | Sigma-Rules | Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | 1 |