Perl Inline Command Execution (f426547a-e0f7-441a-b63e-854ac5bdf54d)
Detects execution of perl using the "-e"/"-E" flags. This is could be used as a way to launch a reverse shell or execute live perl code.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) | Attack Pattern | Perl Inline Command Execution (f426547a-e0f7-441a-b63e-854ac5bdf54d) | Sigma-Rules | 1 |