Interesting Service Enumeration Via Sc.EXE (e83e8899-c9b2-483b-b355-5decc942b959)
Detects the enumeration and query of interesting and in some cases sensitive services on the system via "sc.exe". Attackers often try to enumerate the services currently running on a system in order to find different attack vectors.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Interesting Service Enumeration Via Sc.EXE (e83e8899-c9b2-483b-b355-5decc942b959) | Sigma-Rules | OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) | Attack Pattern | 1 |