Skip to content

Hide Navigation Hide TOC

Conhost.exe CommandLine Path Traversal (ee5e119b-1f75-4b34-add8-3be976961e39)

detects the usage of path traversal in conhost.exe indicating possible command/argument confusion/hijacking

Cluster A Galaxy A Cluster B Galaxy B Level
Conhost.exe CommandLine Path Traversal (ee5e119b-1f75-4b34-add8-3be976961e39) Sigma-Rules Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern 1
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) Attack Pattern 2