Shell Execution via Rsync - Linux (e2326866-609f-4015-aea9-7ec634e8aa04)
Detects the use of the "gcc" utility to execute a shell. Such behavior may be associated with privilege escalation, unauthorized command execution, or to break out from restricted environments.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) | Attack Pattern | Shell Execution via Rsync - Linux (e2326866-609f-4015-aea9-7ec634e8aa04) | Sigma-Rules | 1 |