HackTool - EDRSilencer Execution (eb2d07d4-49cb-4523-801a-da002df36602)
Detects the execution of EDRSilencer based on PE metadata information. EDRSilencer is a tool that leverages the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
HackTool - EDRSilencer Execution (eb2d07d4-49cb-4523-801a-da002df36602) | Sigma-Rules | Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) | Attack Pattern | 1 |