Linux Base64 Encoded Shebang In CLI (fe2f9663-41cb-47e2-b954-8a228f3b9dff)
Detects the presence of a base64 version of the shebang in the commandline, which could indicate a malicious payload about to be decoded
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Deobfuscate/Decode Files or Information - T1140 (3ccef7ae-cb5e-48f6-8302-897105fbf55c) | Attack Pattern | Linux Base64 Encoded Shebang In CLI (fe2f9663-41cb-47e2-b954-8a228f3b9dff) | Sigma-Rules | 1 |