<<< Hide Navigation Hide TOC >>>
QuickAssist Execution (e20b5b14-ce93-4230-88af-981983ef6e74)
Detects the execution of Microsoft Quick Assist tool "QuickAssist.exe". This utility can be used by attackers to gain remote access.
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
Remote Access Software - T1219 (4061e78c-1284-44b4-9116-73e4ac3912f7) | Attack Pattern | QuickAssist Execution (e20b5b14-ce93-4230-88af-981983ef6e74) | Sigma-Rules | 1 |